CVE-2024-45401 | stripe-cli up to 1.21.2 Manifest path traversal (GHSA-fv4g-gwpj-74gr)

Posted by Angelo Barbosa | Sep 5, 2024 | CVE

A vulnerability, which was classified as critical, was found in stripe-cli up to 1.21.2. Affected is an unknown function of the component Manifest Handler. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-45401. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45401 | stripe-cli up to 1.21.2 Manifest path traversal (GHSA-fv4g-gwpj-74gr)

Related Posts

CVE-2022-43575 | IBM Aspera Console up to 3.4.2 PL5 Web UI cross site scripting (XFDB-238645)

CVE-2024-32858 | Dell CPG BIOS prior 2.18.0 input validation (dsa-2024-124)

CVE-2023-52798 | Linux Kernel up to 5.10.201/5.15.139/6.1.63/6.5.12/6.6.2 ath11k ath11k_mac_get_ar_by_pdev_id use after free

CVE-2024-27772 | Unitronics Unistream Unilogic prior 1.35.227 os command injection