Bootstrap-table.js notifi Virus name: PUA.Win.Trojan.Xored-1

snipe / snipe-it

A free open source IT asset/license management system

https://snipeitapp.com

GNU Affero General Public License v3.0

11.13k stars 3.19k forks source link

Bootstrap-table.js notifi Virus name: PUA.Win.Trojan.Xored-1 #15826

Open namdoan91 opened 3 days ago

namdoan91 commented 3 days ago

Debug mode

[X] I have enabled debug mode
[X] I have read checked the Common Issues page

Describe the bug

After logging in, the interface currently fails to load" or "After logging in, the interface is not loading anymore Screenshot 2024-11-15 at 14 01 43

Reproduction steps

Go to login web
Go to Dashboard
...

Expected behavior

Upon checking, I found that this path "http://IP-SnipeIT/js/dist/bootstrap-table.js?id=b4c3069f1a292527a96c058b77b28d69" is suspected to be a virus Screenshot 2024-11-15 at 14 04 20

Screenshots

No response

Snipe-IT Version

7.1.14

Operating System

Ubuntu

Web Server

Apache

PHP Version

8.1.2

Operating System

No response

Browser

No response

Version

No response

Device

No response

Operating System

No response

Browser

No response

Version

No response

Error messages

No response

Additional context

No response

welcome[bot] commented 3 days ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

snipe commented 3 days ago

Well that's a first. Definitely not a virus, it's the javascript library that loads all of the tables. Is there a way to ignore that in your ClamAV?

snipe commented 3 days ago

Looks like ClamAV has a history of false positives with JS.

https://github.com/jensyt/imurmurhash-js/issues/1 https://askubuntu.com/questions/1006237/clamav-detects-trojans

I can try to open an issue on the Bootstrap Table repo and ask them to submit to VirusTotal and submit a false positive report.

Ask Ubuntu
Clamav detects Trojans
I have just scanned my system and clamav has detected a few suspect files: File: .cahe/mozilla/firefox/jqxk4r44.default/cache2/entries/750B6E2F1286.... Status: PUA.Win.Exploit.CVE_2012_1461-1 Fil...

namdoan91 commented 3 days ago

Well that's a first. Definitely not a virus, it's the javascript library that loads all of the tables. Is there a way to ignore that in your ClamAV?

Yes, as you said, it's a fake virus alert, but I'm also trying to bypass it! I haven't found a way locally yet. If you know, could you help me?

namdoan91 commented 3 days ago

Looks like ClamAV has a history of false positives with JS.

jensyt/imurmurhash-js#1 https://askubuntu.com/questions/1006237/clamav-detects-trojans

I can try to open an issue on the Bootstrap Table repo and ask them to submit to VirusTotal and submit a false positive report.

Ask UbuntuClamav detects TrojansI have just scanned my system and clamav has detected a few suspect files: File: .cahe/mozilla/firefox/jqxk4r44.default/cache2/entries/750B6E2F1286.... Status: PUA.Win.Exploit.CVE_2012_1461-1 Fil...

According to VirusTotal, when scanning the JS file, ClamAV does not recognize it as a virus. Screenshot 2024-11-16 at 07 41 16

Ask Ubuntu
Clamav detects Trojans
I have just scanned my system and clamav has detected a few suspect files: File: .cahe/mozilla/firefox/jqxk4r44.default/cache2/entries/750B6E2F1286.... Status: PUA.Win.Exploit.CVE_2012_1461-1 Fil...