Added check

.github/workflows/CVE-check.yml

@@ -0,0 +1,18 @@
+name: Simple XZ util check
+
+on:
+  pull_request:
+    branches:
+      - dev
+      - staging*
+
+jobs:
+  bandit:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Fail if version of xz tool is affected by CVE-2024-3094
+      if: ${{ ! startsWith(matrix.os, 'windows') }}
+      run: |
+        xz --version;
+        bash -c "! (xz --version | grep -E '5\.6\.(0|1)')"