Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/recurly-api-client@1.4.0
Typenuget
Namespace
Namerecurly-api-client
Version1.4.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-v1qg-mzkf-r3dj
vulnerability_id VCID-v1qg-mzkf-r3dj
summary 
Server-Side Request Forgery (SSRF)
The Recurly Client .NET Library is vulnerable to a Server-Side Request Forgery vulnerability due to incorrect use of "Uri.EscapeUriString" that could result in compromise of API keys or other critical resources.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0907
reference_id
reference_type
scores
0
value 0.00519
scoring_system epss
scoring_elements 0.672
published_at 2026-06-06T12:55:00Z
1
value 0.00519
scoring_system epss
scoring_elements 0.67183
published_at 2026-06-09T12:55:00Z
2
value 0.00519
scoring_system epss
scoring_elements 0.67167
published_at 2026-06-08T12:55:00Z
3
value 0.00519
scoring_system epss
scoring_elements 0.67192
published_at 2026-06-05T12:55:00Z
4
value 0.00519
scoring_system epss
scoring_elements 0.67184
published_at 2026-06-07T12:55:00Z
5
value 0.00519
scoring_system epss
scoring_elements 0.67152
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0907
1
reference_url https://dev.recurly.com/page/net-updates
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://dev.recurly.com/page/net-updates
2
reference_url https://github.com/advisories/GHSA-xpwp-rq3x-x6v7
reference_id
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xpwp-rq3x-x6v7
3
reference_url https://github.com/recurly/recurly-client-net/commit/9eef460c0084afd5c24d66220c8b7a381cf9a1f1
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/recurly/recurly-client-net/commit/9eef460c0084afd5c24d66220c8b7a381cf9a1f1
4
reference_url https://hackerone.com/reports/288635
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/288635
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0907
reference_id CVE-2017-0907
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0907
fixed_packages
0
url pkg:nuget/recurly-api-client@1.4.14
purl pkg:nuget/recurly-api-client@1.4.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/recurly-api-client@1.4.14
1
url pkg:nuget/recurly-api-client@1.5.3
purl pkg:nuget/recurly-api-client@1.5.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/recurly-api-client@1.5.3
2
url pkg:nuget/recurly-api-client@1.6.2
purl pkg:nuget/recurly-api-client@1.6.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/recurly-api-client@1.6.2
3
url pkg:nuget/recurly-api-client@1.7.1
purl pkg:nuget/recurly-api-client@1.7.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/recurly-api-client@1.7.1
4
url pkg:nuget/recurly-api-client@1.8.1
purl pkg:nuget/recurly-api-client@1.8.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/recurly-api-client@1.8.1
aliases CVE-2017-0907, GHSA-xpwp-rq3x-x6v7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1qg-mzkf-r3dj
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/recurly-api-client@1.4.0