CVE-2024-22405 (GCVE-0-2024-22405)
Vulnerability from cvelistv5 – Published: 2024-04-30 10:04 – Updated: 2024-08-01 22:43
VLAI?
Title
XADMaster may not apply quarantine attribute correctly to extracted files
Summary
XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue.
Severity ?
5.5 (Medium)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:macpaw:xadmaster:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xadmaster",
"vendor": "macpaw",
"versions": [
{
"lessThan": "1.10.8",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-30T13:34:29.540533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:55.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2"
},
{
"name": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "XADMaster",
"vendor": "MacPaw",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-30T10:04:24.056Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2"
},
{
"name": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c"
}
],
"source": {
"advisory": "GHSA-xg3c-r7w5-7xw2",
"discovery": "UNKNOWN"
},
"title": "XADMaster may not apply quarantine attribute correctly to extracted files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22405",
"datePublished": "2024-04-30T10:04:24.056Z",
"dateReserved": "2024-01-10T15:09:55.548Z",
"dateUpdated": "2024-08-01T22:43:34.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2\", \"name\": \"https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c\", \"name\": \"https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:43:34.924Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22405\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-30T13:34:29.540533Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:macpaw:xadmaster:-:*:*:*:*:*:*:*\"], \"vendor\": \"macpaw\", \"product\": \"xadmaster\", \"versions\": [{\"status\": \"affected\", \"version\": \"-\", \"lessThan\": \"1.10.8\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-30T13:37:30.454Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"XADMaster may not apply quarantine attribute correctly to extracted files\", \"source\": {\"advisory\": \"GHSA-xg3c-r7w5-7xw2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"MacPaw\", \"product\": \"XADMaster\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.10.8\"}]}], \"references\": [{\"url\": \"https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2\", \"name\": \"https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c\", \"name\": \"https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-281\", \"description\": \"CWE-281: Improper Preservation of Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-04-30T10:04:24.056Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-22405\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T22:43:34.924Z\", \"dateReserved\": \"2024-01-10T15:09:55.548Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-04-30T10:04:24.056Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…