Lucene search
AF450946-76C2-5472-A02F-BF0AE2F27B8BHistoryApr 01, 2024 - 1:56 a.m.
Exploit for Embedded Malicious Code in Tukaani Xz
2024-04-0101:56:08
102
tukaani xz
supply chain attack
embedded code
malicious
c2 command
cve-2024-3094
cvss 3.1
poc
exp
linux
liblzma
version 5.6.0
version 5.6.1
fix package
fedora
debian
alpine
arch linux
opensuse
vulnerability
downgrade
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.133 Low
EPSS
Percentile
95.6%
漏洞概述
XZ是一种数据压缩格式,几乎存在每个Linux发行版中。liblzma是一个处理XZ压缩格式的开源软件库。3月2…
This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.
Related
veracode
veracode
Injected Malicious Code
2024-04-01 21:18:10
githubexploit
githubexploit
Exploit for Embedded Malicious Code in Tukaani Xz
2024-03-31 14:09:28
Exploit for Embedded Malicious Code in Tukaani Xz
2024-04-03 19:10:43
Exploit for Embedded Malicious Code in Tukaani Xz
2024-04-02 08:55:50
attackerkb
attackerkb
CVE-2024-3094
2024-03-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2407
2024-04-23 12:16:56
Advisory ROSA-SA-2024-2409
2024-04-23 12:23:07
Advisory ROSA-SA-2024-2408
2024-04-23 12:20:30
talosblog
talosblog
arista
arista
Security Advisory 0095
2024-04-03 00:00:00
nessus
nessus
XZ Utils 5.6.0 / 5.6.1 Liblzma Backdoor Check
2024-04-01 00:00:00
Potential exposure to XZ Utils SSH Backdoor (CVE-2024-3094)
2024-03-29 00:00:00
GLSA-202403-04 : XZ utils: Backdoor in release tarballs
2024-04-01 00:00:00
archlinux
archlinux
[ASA-202403-1] xz: arbitrary code execution
2024-03-29 00:00:00
ubuntucve
ubuntucve
CVE-2024-3094
2024-03-29 00:00:00
rapid7blog
rapid7blog
Backdoored XZ Utils (CVE-2024-3094)
2024-04-01 17:13:05
securelist
securelist
XZ backdoor story – Initial analysis
2024-04-12 08:00:34
Exploits and vulnerabilities in Q1 2024
2024-05-07 10:00:39
redhatcve
redhatcve
CVE-2024-3094
2024-03-29 16:50:47
debiancve
debiancve
CVE-2024-3094
2024-03-29 17:15:21
cve
cve
CVE-2024-3094
2024-03-29 17:15:21
thn
thn
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
2024-04-02 13:18:00
alpinelinux
alpinelinux
CVE-2024-3094
2024-03-29 17:15:21
f5
f5
K000139141 : liblzma vulnerability CVE-2024-3094
2024-04-01 00:00:00
cvelist
cvelist
CVE-2024-3094 Xz: malicious code in distributed source
2024-03-29 16:51:12
wizblog
wizblog
Backdoor in XZ Utils allows RCE: everything you need to know
2024-03-29 22:02:58
gentoo
gentoo
XZ utils: Backdoor in release tarballs
2024-03-29 00:00:00
qualysblog
qualysblog
XZ Utils SSHd Backdoor
2024-03-30 04:06:05
hackread
hackread
Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
2024-04-01 23:17:59
openvas
openvas
Tukaani Project XZ Utils Backdoor (Feb/Mar 2024)
2024-04-02 00:00:00
osv
osv
CVE-2024-3094
2024-03-29 17:15:21
nvd
nvd
CVE-2024-3094
2024-03-29 17:15:21
debian
debian
[SECURITY] [DSA 5649-1] xz-utils security update
2024-03-29 16:10:02
trellix
trellix
The Bug Report - April 2024 Edition
2024-04-29 00:00:00
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.133 Low
EPSS
Percentile
95.6%
Related for AF450946-76C2-5472-A02F-BF0AE2F27B8B