SQ30111
Detected presence of suspicious files through file reputation or third-party scanners.
priority | CI/CD status | severity | effort | RL level | RL assessment |
---|---|---|---|---|---|
pass | medium | high | None | malware: warning Reason: suspicious components found |
About the issueโ
Third-party malware detection algorithms have determined that the software package contains one or more suspicious files. The detection was made by a hash-based file reputation lookup. This malware detection method is considered predictive, and can typically identify the malware family by name.
How to resolve the issueโ
- Suspicious detections are a lower confidence detection, so you should first review them for malicious intent.
- If the software intent does not relate to malicious behavior, investigate the build and release environment for software supply chain compromise.
- Proceed with increased caution when using this software package.
Incidence statisticsโ
Not relevant for this type of issue.