Hi Is there any update on whether this has been resolved? I see many signatures related to this CVE. Also, since this is an exploit/vulnerability, is ClamAV supposed to detect this considering its a malware/virus detection tool.
Regards Puneet On Fri, Dec 17, 2021 at 3:30 AM Micah Snyder (micasnyd) <[email protected]> wrote: > Hi Puneet, > > Thank you for submitting the FP reports through our web form. > Our malware research team is actively working on improving the signatures > related to CVE-2021-44228. > > Regards, > Micah > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > ------------------------------ > *From:* clamav-users <[email protected]> on behalf of > Puneet Bhootra via clamav-users <[email protected]> > *Sent:* Thursday, December 16, 2021 11:32 AM > *To:* [email protected] <[email protected]> > *Cc:* Puneet Bhootra <[email protected]>; Himanshu Kumar < > [email protected]> > *Subject:* Re: [clamav-users] Lot of false positives detected from > signature Java.Malware.CVE_2021_44228-9915814-0 > > > Hi > > We are seeing lot of false positives being generated from this signature. > Java.Malware.CVE_2021_44228-9915814-0 > which has resulted in the quarantine of a lot of java applications running > in our environments. > > It seems for this CVE there are other signatures as well which detects > this - Exploit.CVE_2021_44228-9914600 and Exploit.CVE_2021_44228-9914601 > > So, this one Java.Malware.CVE_2021_44228-9915814-0 is kind of redundant > and since it is generating a lot of false positives also, please remove > this from the daily.cld. > > I have also submitted a false positive report for the same. > Can someone please check and take appropriate action on this? > > -- <https://smart.salesforce.com/sig/pbhootra//us_mb/default/link.html>
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
