CVE-2024-22405

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-22405
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-22405.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-22405
Related
  • GHSA-xg3c-r7w5-7xw2
Published
2024-04-30T10:15:07Z
Modified
2025-01-08T15:48:29.766309Z
Summary
[none]
Details

XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue.

References

Affected packages

Git / github.com/macpaw/xadmaster

Affected ranges

Type
GIT
Repo
https://github.com/macpaw/xadmaster
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

v1.*

v1.10.4
v1.10.5
v1.10.7