PT-2024-20053 · Notion · Notion Web Clipper

Published: 2024-01-30 · Updated: 2024-08-01 · CVE-2024-23745

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Notion Web Clipper version 1.0.3(7)

Description: The Notion Web Clipper is susceptible to the Dirty NIB attack, where .nib files can be manipulated to execute arbitrary commands. Even if a .nib file is modified within an application, Gatekeeper may still permit the execution of the application, allowing the execution of arbitrary commands within the application's context.

Recommendations: For Notion Web Clipper version 1.0.3(7), consider disabling the execution of .nib files until a proper fix is available, as the vendor's perspective is that this issue is related to incorrect caching of file signatures on macOS. At the moment, there is no information about a newer version that contains a fix for this issue.

Weakness Enumeration: Command Injection

Related Identifiers: CVE-2024-23745

Affected Products: Notion Web Clipper