Closed prabhu closed 6 months ago
For this particular CVE, GitHub has better data, so it could have been used instead of pysec.
Dependency Scan Results (PYPI) ╔══════════════════════════════════════════════════════╤══════════════════════════════════════╤═══════════════════════╤══════════════════╤═══════════╗ ║ CVE │ Insights │ Fix Version │ Severity │ Score ║ ╟──────────────────────────────────────────────────────┼──────────────────────────────────────┼───────────────────────┼──────────────────┼───────────╢ ║ pyjwt@2.3.0 ⬅ CVE-2022-29217 │ 🧾 Vendor Confirmed │ 2.4.0 │ LOW │ 2.0 ║ ╚══════════════════════════════════════════════════════╧══════════════════════════════════════╧═══════════════════════╧══════════════════╧═══════════╝
5.6.4 includes this fix
For this particular CVE, GitHub has better data, so it could have been used instead of pysec.