...
CVE-2024-3094 is a critical vulnerability in xz’s liblzma, versions 5.6.0 and 5.6.1, allowing remote code execution (RCE) by bypassing SSH authentication. Discovered in upstream tarballs, it involves complex obfuscations to inject malicious code during the build process, modifying liblzma functions. This backdoor can intercept and alter data interactions with any linked software.
If you have any questions or concerns, please do not hesitate to contact our Rego SaaS support team at SaaSSupportTeam@regoconsulting.com.
Thank you for your understanding and cooperation as we work to improve our services.
Sincerely,
Rego SaaS Support Team