Hi,
A recent scan of my system found 8 infected files. On closer inspection, these
are all nodejs binaries, either installed through Homebrew or inside another
app (e.g., Docker or Adobe). Clamav reports that they are infected with
CVE_2021_4034-9951522.
As far as I can tell, CVE_2021_4034 is the pkexec privilege escalation bug.
However, I could not find anything relating to nodejs. Also, the fact that
multiple nodejs binaries on my system are infected, which are installed from
different sources, leads me to believe that this is a false positive.
I am unsure what to do next. Should I upload this as a false positive to
https://www.clamav.net/reports/fp? <https://www.clamav.net/reports/fp?>
Best,
Viktor
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
