CVE-2024-45401

stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags can overwrite arbitrary files. The update in version 1.21.3 addresses the path traversal vulnerability by removing the ability to install plugins from an archive URL or path. There has been no evidence of exploitation of this vulnerability.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 0.8 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/stripe/stripe-cli/security/advisories/GHSA-fv4g-gwpj-74gr	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:stripe:stripe_cli:*:*:*:*:*:*:*:*

History

02 Jan 2025, 20:16

Type	Values Removed	Values Added
First Time		Stripe stripe Cli
CPE	cpe:2.3:a:stripe:stripe-cli::::::::	cpe:2.3:a:stripe:stripe_cli::::::::

19 Dec 2024, 22:15

Type	Values Removed	Values Added
References	~~{'url': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H', 'tags': ['Broken Link'], 'source': 'security-advisories@github.com'}~~

Information

Published : 2024-09-05 18:15

Updated : 2025-01-02 20:16

NVD link : CVE-2024-45401

Mitre link : CVE-2024-45401

CVE.ORG link : CVE-2024-45401

JSON object : View

Products Affected

stripe

stripe_cli

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2024-45401", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2024-09-05T18:15:06.227", "references": [{"url": "https://github.com/stripe/stripe-cli/security/advisories/GHSA-fv4g-gwpj-74gr", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags can overwrite arbitrary files. The update in version 1.21.3 addresses the path traversal vulnerability by removing the ability to install plugins from an archive URL or path. There has been no evidence of exploitation of this vulnerability."}, {"lang": "es", "value": "stripe-cli es una herramienta de l\u00ednea de comandos para el procesador de pagos Stripe. Existe una vulnerabilidad en stripe-cli a partir de la versi\u00f3n 1.11.1 y anteriores a la versi\u00f3n 1.21.3, donde un paquete de complemento que contiene un manifiesto con un nombre corto de complemento mal formado instalado usando los indicadores --archive-url o --archive-path puede sobrescribir archivos arbitrarios. La actualizaci\u00f3n en la versi\u00f3n 1.21.3 soluciona la vulnerabilidad de path traversal al eliminar la capacidad de instalar complementos desde una URL o ruta de archivo. No ha habido evidencia de explotaci\u00f3n de esta vulnerabilidad."}], "lastModified": "2025-01-02T20:16:12.107", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:stripe:stripe_cli:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBE2DD29-3585-4A0D-9009-D804A564327C", "versionEndExcluding": "1.21.3", "versionStartIncluding": "1.11.1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}