linux-malware-detect icon indicating copy to clipboard operation
linux-malware-detect copied to clipboard

Published 20 hours ago verified publisher icon rfxn

False Positive in magento-coding-standard

Open drinkingsouls opened this issue 1 year ago • 0 comments

Hi Maldetect

Sometime since my last full scan which was last week, I've noticed two files being flagged as malware yesterday.

malware hit {CAV}Php.Backdoor.Generic-10006641-0 found for /vendor/magento/magento-coding-standard/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc

maldet(7084): {hit} malware hit {CAV}Php.Backdoor.Generic-10006641-0 found for /.cache/composer/files/magento/magento-coding-standard/5cf0da126fda162c53eba8037babc7efd1dae3a9.zip

These are standard Magento files. I reinstalled the entire vendor folder and rescanned and it still flags in Maldetect. The exact same files don't flag on my site clone.

This is believed to be a false positive via Magento. See issue #460

My question is:

Why would an unchanged file that was not flagged previously start now? Why does it not flag on my clone site? The files are identical. If I replace one with the other it still only flags on one server and not the other.

Thank you.

drinkingsouls avatar Aug 01 '23 18:08 drinkingsouls