On March 29th, a critical security issue was identified in XZ Utils, a popular data compression tool used in key Linux distributions. Versions 5.6.0 and 5.6.1 were found to contain harmful code that could permit remote SSH access without authorization. This vulnerability, now known as CVE-2024-3094, has received the highest severity rating with a CVSS score of 10.

SFTP To Go customers are not affected by the issues caused by CVE-2024-3094 and no action is required.