Open CherryNick opened 3 months ago
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days
cryptography<43.0.1 is pinning a vulnerable version of pyopenssl (effected by https://openssl-library.org/news/secadv/20240903.txt) so PyJWT's dependancies probably need to handle the new version.
Summary When using pyjwt==2.8.0 with cryptography==43.0.0, an error occurs:
Downgrading cryptography to 42.0.7 resolves the issue, indicating an incompatibility between these specific versions.
Expected Result The JWT token should decode successfully without errors when using pyjwt==2.8.0 and cryptography==43.0.0.
Actual Result An error is raised when attempting to decode a JWT token:
Reproduction Steps
Workaround Downgrading cryptography to version 42.0.7 resolves the issue