Lucene search
PRIOn knowledge basePRION:CVE-2024-23745HistoryJan 31, 2024 - 2:15 a.m.
Design/Logic Flaw
2024-01-3102:15:00
PRIOn knowledge base
www.prio-n.com
4
notion web clipper
dirty nib attack
arbitrary commands
gatekeeper
cve-2022-48505
file signatures
macos
In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of arbitrary commands within the application’s context. NOTE: the vendor’s perspective is that this is simply an instance of CVE-2022-48505, cannot properly be categorized as a product-level vulnerability, and cannot have a product-level fix because it is about incorrect caching of file signatures on macOS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| web_clipper | eq | 1.0.37 |
Related
nvd
nvd
CVE-2024-23745
2024-01-31 02:15:54
CVE-2022-48505
2023-06-28 02:15:49
cvelist
cvelist
CVE-2024-23745
2024-01-31 00:00:00
CVE-2022-48505
2023-06-28 01:58:19
cve
cve
CVE-2024-23745
2024-01-31 02:15:54
CVE-2022-48505
2023-06-28 02:15:49
prion
prion
Design/Logic Flaw
2023-06-28 02:15:00
apple
apple
About the security content of macOS Ventura 13
2022-10-24 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213488)
2023-07-25 00:00:00