Old CVE-2024-7774 is reported by AWS scanner - is it valid? #29918

nooneimportant-x · 2025-02-21T10:52:59Z

nooneimportant-x
Feb 21, 2025

Checked other resources

I added a very descriptive title to this question.
I searched the LangChain documentation with the integrated search.
I used the GitHub search to find a similar question and didn't find it.

Commit to Help

I commit to help with one of those options 👆

Example Code

n/a

Description

Hi!

AWS recently started to reporting langchain package as Critical Vulnerability without a fix, pointing to this old CVE-2024-7774.

I've checked that it was fixed here https://github.com/langchain-ai/langchainjs/releases/tag/0.2.19, but this is JS flavor.

So now I'm wondering if this is valid, as that scanner was quiet about it for all that time.

System Info

n/a

Answered by nooneimportant-x

Feb 25, 2025

I believe it was some AWS false-positive, as now status changed to closed on their side.

View full answer

madudevi-flutterint · 2025-02-24T10:56:50Z

madudevi-flutterint
Feb 24, 2025

Hi, I've also noticed this recently. can someone help me with this.

0 replies

nooneimportant-x · 2025-02-25T11:07:45Z

nooneimportant-x
Feb 25, 2025
Author

I believe it was some AWS false-positive, as now status changed to closed on their side.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Old CVE-2024-7774 is reported by AWS scanner - is it valid? #29918

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Old CVE-2024-7774 is reported by AWS scanner - is it valid? #29918

Uh oh!

nooneimportant-x Feb 21, 2025

Checked other resources

Commit to Help

Example Code

Description

System Info

Replies: 2 comments

Uh oh!

madudevi-flutterint Feb 24, 2025

Uh oh!

nooneimportant-x Feb 25, 2025 Author

nooneimportant-x
Feb 21, 2025

madudevi-flutterint
Feb 24, 2025

nooneimportant-x
Feb 25, 2025
Author