The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the “Resource.get” method that could result in compromise of API keys or other critical resources.
[
{
"product": "recurly python module",
"vendor": "Recurly",
"versions": [
{
"status": "affected",
"version": "Versions before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2"
}
]
}
]