intel
diff --git a/‎cve_bin_tool/checkers/__init__.py
+1 b/‎cve_bin_tool/checkers/__init__.py
+1
diff --git a/‎cve_bin_tool/checkers/xz.py
+23 b/‎cve_bin_tool/checkers/xz.py
+23
diff --git a/‎test/condensed-downloads/liblzma5_5.6.3-1+b1_arm64.deb.tar.gz
7.99 KB b/‎test/condensed-downloads/liblzma5_5.6.3-1+b1_arm64.deb.tar.gz
7.99 KB
diff --git a/‎test/condensed-downloads/liblzma_5.2.5-1_x86_64.ipk.tar.gz
5.89 KB b/‎test/condensed-downloads/liblzma_5.2.5-1_x86_64.ipk.tar.gz
5.89 KB
diff --git a/‎test/condensed-downloads/xz-5.2.4-r0.apk.tar.gz
7.56 KB b/‎test/condensed-downloads/xz-5.2.4-r0.apk.tar.gz
7.56 KB
diff --git a/‎test/condensed-downloads/xz-5.6.3-3.fc42.aarch64.rpm.tar.gz
7.79 KB b/‎test/condensed-downloads/xz-5.6.3-3.fc42.aarch64.rpm.tar.gz
7.79 KB
diff --git a/‎test/condensed-downloads/xz-utils_5.2.4-1+deb10u1_amd64.deb.tar.gz
7.63 KB b/‎test/condensed-downloads/xz-utils_5.2.4-1+deb10u1_amd64.deb.tar.gz
7.63 KB
diff --git a/‎test/condensed-downloads/xz_5.2.5-1_x86_64.ipk.tar.gz
6.44 KB b/‎test/condensed-downloads/xz_5.2.5-1_x86_64.ipk.tar.gz
6.44 KB
diff --git a/‎test/test_data/xz.py
+44 b/‎test/test_data/xz.py
+44
@@ -385,6 +385,7 @@
     "xml2",
     "xscreensaver",
     "xwayland",
+    "xz",
     "yasm",
     "zabbix",
     "zchunk",
 
@@ -0,0 +1,23 @@
+# Copyright (C) 2025 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+
+"""
+CVE checker for xz
+
+https://www.cvedetails.com/product/38995/Tukaani-XZ.html?vendor_id=16730
+
+"""
+from __future__ import annotations
+
+from cve_bin_tool.checkers import Checker
+
+
+class XzChecker(Checker):
+    CONTAINS_PATTERNS: list[str] = []
+    FILENAME_PATTERNS: list[str] = []
+    VERSION_PATTERNS = [
+        r"xz \(XZ Utils\) ([0-9]+\.[0-9]+\.[0-9]+)",
+        r"([0-9]+\.[0-9]+\.[0-9]+)[A-Za-z0-9,'_=:*&!? \-\.\[\]\"\(\)\r\n]*7zXZ[a-zA-z0-9\r\n]*   @@@",
+    ]
+    VENDOR_PRODUCT = [("tukaani", "xz")]
@@ -0,0 +1,44 @@
+# Copyright (C) 2025 Orange
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+mapping_test_data = [
+    {"product": "xz", "version": "5.2.5", "version_strings": ["xz (XZ Utils) 5.2.5"]}
+]
+package_test_data = [
+    {
+        "url": "http://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/aarch64/os/Packages/x/",
+        "package_name": "xz-5.6.3-3.fc42.aarch64.rpm",
+        "product": "xz",
+        "version": "5.6.3",
+    },
+    {
+        "url": "http://ftp.fr.debian.org/debian/pool/main/x/xz-utils/",
+        "package_name": "xz-utils_5.2.4-1+deb10u1_amd64.deb",
+        "product": "xz",
+        "version": "5.2.4",
+    },
+    {
+        "url": "http://ftp.fr.debian.org/debian/pool/main/x/xz-utils/",
+        "package_name": "liblzma5_5.6.3-1+b1_arm64.deb",
+        "product": "xz",
+        "version": "5.6.3",
+    },
+    {
+        "url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/packages/",
+        "package_name": "xz_5.2.5-1_x86_64.ipk",
+        "product": "xz",
+        "version": "5.2.5",
+    },
+    {
+        "url": "https://downloads.openwrt.org/releases/packages-19.07/x86_64/packages/",
+        "package_name": "liblzma_5.2.5-1_x86_64.ipk",
+        "product": "xz",
+        "version": "5.2.5",
+    },
+    {
+        "url": "https://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/",
+        "package_name": "xz-5.2.4-r0.apk",
+        "product": "xz",
+        "version": "5.2.4",
+    },
+]