Rego is dedicated to protecting and securing your data stored in Clarity, hosted by Rego on Amazon Web Services.
We are pleased to confimed that Rego SAAS is not impacted by CVE-2024-3094 vulnerability and related exploits.
What is CVE-2024-3094 vulnerability?
CVE-2024-3094 is a critical vulnerability in xz’s liblzma, versions 5.6.0 and 5.6.1, allowing remote code execution (RCE) by bypassing SSH authentication. Discovered in upstream tarballs, it involves complex obfuscations to inject malicious code during the build process, modifying liblzma functions. This backdoor can intercept and alter data interactions with any linked software.