{"uuid": "8c6c381a-17c6-4e72-9af2-aaba04625f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3094", "type": "seen", "source": "https://t.me/theninjaway1337/1500", "content": "Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros\n\nRedHat on Friday released an \"urgent security alert\" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.\n\nThe software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils versions 5.6.0 (released February 24) and 5.6.1 (released March 9).\n\n5.6.0 &amp; 5.6.1 \u2014 vuln\n\nhttps://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html", "creation_timestamp": "2024-03-30T08:33:08.000000Z"}