SQ30116
Detected presence of malicious files that were ignored due to configured analysis options.
priority | CI/CD status | severity | effort | SAFE level | SAFE assessment |
---|---|---|---|---|---|
None | pass | low | medium | None | malware: pass Reason: risky components ignored |
About the issueโ
Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more malicious files. Those detections were automatically suppressed by configured analysis options. Threat types that can have their detection suppressed are: adware, riskware, hacking tools, spyware, dual use packers, and spam.
How to resolve the issueโ
- If your organization policies do not allow these threat types, adjust the scanning profile configuration.
Incidence statisticsโ
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.
This section is updated when new data becomes available.
Total amount of packages analyzed
- RubyGems: 183K
- Nuget: 644K
- PyPi: 628K
- NPM: 3.72M
Statistics are not collected for the SQ30116 policy at this time, or not applicable to this type of issue.