Medium severity5.5NVD Advisory· Published Apr 30, 2024· Updated Apr 15, 2026

CVE-2024-22405

Description

XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue.

Patches

b75c05bc3bca

https://github.com/macpaw/xadmastervia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3cnvd
github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2nvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000