SQ30110
Detected presence of malicious files through file reputation or third-party scanners.
priority | CI/CD status | severity | effort | RL level | RL assessment |
---|---|---|---|---|---|
fail | high | high | 1 | malware: fail Reason: malicious components found |
About the issueโ
Third-party malware detection algorithms have determined that the software package contains one or more malicious files. The detection was made by a hash-based file reputation lookup. This malware detection method is considered accurate, and can typically identify the malware family by name.
How to resolve the issueโ
- If the software intent does not relate to malicious behavior, investigate the build and release environment for software supply chain compromise.
- Avoid using this software package.
Incidence statisticsโ
Not relevant for this type of issue.