VYPR
Critical severity9.8NVD Advisory· Published Nov 13, 2017· Updated Jun 17, 2026

CVE-2017-0907

CVE-2017-0907

Description

The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Request Forgery vulnerability due to incorrect use of "Uri.EscapeUriString" that could result in compromise of API keys or other critical resources.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
recurly-api-clientNuGet
< 1.0.11.0.1
recurly-api-clientNuGet
>= 1.1.0, < 1.1.101.1.10
recurly-api-clientNuGet
>= 1.2.0, < 1.2.81.2.8
recurly-api-clientNuGet
>= 1.3.0, < 1.3.21.3.2
recurly-api-clientNuGet
>= 1.4.0, < 1.4.141.4.14
recurly-api-clientNuGet
>= 1.5.0, < 1.5.31.5.3
recurly-api-clientNuGet
>= 1.6.0, < 1.6.21.6.2
recurly-api-clientNuGet
>= 1.7.0, < 1.7.11.7.1
recurly-api-clientNuGet
>= 1.8.0, < 1.8.11.8.1

Affected products

46
  • cpe:2.3:a:recurly:recurly_client_.net:1.0.0:*:*:*:*:*:*:*+ 44 more
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.0.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.11:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.12:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.13:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.4.9:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:recurly:recurly_client_.net:1.8.0:*:*:*:*:*:*:*
    • (no CPE)range: Versions before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1
  • ghsa-coords
    Range: < 1.0.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.