Stripe Cli
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Stripe Cli.
By the Year
In 2026 there have been 0 vulnerabilities in Stripe Cli. Stripe Cli did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 7.10 |
It may take a day or so for new Stripe Cli vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Stripe Cli Security Vulnerabilities
Path Traversal in stripe-cli 1.11.11.21.3 via Malformed Plugin Shortname
CVE-2024-45401
7.1 - High
- September 05, 2024
stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags can overwrite arbitrary files. The update in version 1.21.3 addresses the path traversal vulnerability by removing the ability to install plugins from an archive URL or path. There has been no evidence of exploitation of this vulnerability.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Stripe Cli or by Stripe? Click the Watch button to subscribe.
