Clamscan and flathub

I was using clamscan to check my files and it found the message:
/.local/share/flatpak/repo/objects/34/32b76db9f3df9ffb126a55624df56417c367c47d95e3f619585af51e448144.file: BC.Gif.Exploit.Agent-1425366.Agent FOUND

I have installed only flatpaks from flathub and its:
Dropbox, Kdenlive, Firefox, VLC, Zoom
There are the libs that flatpak install to use the apps too.

Is it something to worry about?

edit: On a second search i got a new message:
local/share/flatpak/runtime/org.gnome.Platform/x86_64/3.38/42f0534709bc634acaeea04372985231d6c414ae811029b9381643e2ba78caf6/files/libexec/installed-tests/gdk-pixbuf/test-images/gif-test-suite/max-width.gif: BC.Gif.Exploit.Agent-1425366.Agent FOUND

False positive.
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/150

1 Like