Code injection in Stripe CLI on windows in github.com/stripe/stripe-cli

Overview

Source

OSV

GO-2022-0350

Aliases

CVE-2022-24753

GHSA-4cx6-fj7j-pjx9

Affected package

github.com/stripe/stripe-cli

Description

Code injection in Stripe CLI on windows in github.com/stripe/stripe-cli

Impact

Reference links

https://github.com/stripe/stripe-cli/commit/be38da5c0191adb77f661f769ffff2fbc7ddf6cd

https://github.com/stripe/stripe-cli/security/advisories/GHSA-4cx6-fj7j-pjx9

https://nvd.nist.gov/vuln/detail/CVE-2022-24753

https://vuln.go.dev/ID/GO-2022-0350.json

Summary

Total packages affected

Packages with at least one version that is affected by the advisory or has an affected dependency.

Packages with a known fix

Packages with versions affected by the advisory that have a greater version that is not affected.

<0.01%

Total ecosystem affected

The proportion of packages in the ecosystem that are affected by the advisory (fixed or not).

github.com/stripe/stripe-cli

Affected Version: Introduced: 0, Fixed: 1.7.13

Patched/Unaffected

v1.7.13

February 16, 2022

March 2, 2022

March 17, 2022

March 30, 2022

March 30, 2022

March 31, 2022

March 31, 2022

April 8, 2022

April 23, 2022

April 22, 2022

April 29, 2022

April 29, 2022

May 4, 2022

May 27, 2022

June 4, 2022

June 4, 2022

June 4, 2022

June 2, 2022

August 4, 2022

August 8, 2022

August 17, 2022

August 26, 2022

August 25, 2022

September 8, 2022

September 15, 2022

September 16, 2022

September 22, 2022

October 7, 2022

October 20, 2022

November 15, 2022

November 15, 2022

November 15, 2022

November 15, 2022

November 21, 2022

December 2, 2022

January 10, 2023

January 11, 2023

February 13, 2023

February 25, 2023

February 28, 2023

March 1, 2023

April 4, 2023

May 3, 2023

May 15, 2023

May 15, 2023

May 15, 2023

May 15, 2023

May 17, 2023

May 23, 2023

June 27, 2023

July 12, 2023

July 21, 2023

August 10, 2023

August 26, 2023

October 17, 2023

December 20, 2023

December 20, 2023

January 23, 2024

March 26, 2024

March 27, 2024

May 13, 2024

June 12, 2024

June 25, 2024

July 26, 2024

July 26, 2024

August 28, 2024

September 5, 2024

September 5, 2024

September 24, 2024

September 26, 2024

October 1, 2024

October 16, 2024

October 18, 2024

October 29, 2024

November 21, 2024

December 19, 2024

December 19, 2024

December 19, 2024

December 19, 2024

January 22, 2025

January 22, 2025

January 22, 2025

January 23, 2025

January 23, 2025

January 27, 2025

January 29, 2025

v1.23.11-0.19700101000000-8e757305da38

Affected

February 10, 2022

February 3, 2022

January 25, 2022

December 14, 2021

November 9, 2021

November 9, 2021

November 2, 2021

November 9, 2021

October 12, 2021

September 15, 2021

September 14, 2021

September 9, 2021

July 24, 2021

June 16, 2021

June 8, 2021

June 7, 2021

May 27, 2021

May 24, 2021

April 19, 2021

April 15, 2021

April 2, 2021

March 15, 2021

March 12, 2021

February 9, 2021

January 23, 2021

January 21, 2021

January 22, 2021

November 20, 2020

November 8, 2020

October 16, 2020

October 12, 2020

August 14, 2020

July 31, 2020

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

June 19, 2020

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

January 22, 2021

March 8, 2020

March 3, 2020

March 8, 2020

March 8, 2020

March 8, 2020

March 8, 2020

March 8, 2020

January 16, 2020

March 8, 2020

January 3, 2020

January 3, 2020

January 3, 2020

January 3, 2020

December 9, 2019

November 20, 2019

November 12, 2019

November 7, 2019

January 3, 2020

November 6, 2019

January 3, 2020

January 3, 2020

January 3, 2020

January 3, 2020

January 3, 2020

January 3, 2020

January 3, 2020

October 26, 2019

October 26, 2019

October 26, 2019

October 26, 2019

October 26, 2019

October 11, 2019

October 26, 2019

October 26, 2019

October 26, 2019

October 26, 2019

October 3, 2019

October 26, 2019

October 26, 2019

October 26, 2019

October 26, 2019

September 22, 2019

September 22, 2019

September 22, 2019

September 14, 2019

September 14, 2019

September 14, 2019

September 14, 2019

September 14, 2019

September 14, 2019

September 14, 2019

August 28, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 23, 2019

August 17, 2019