The Python dependency "PyJWT==1.7.1" of Scout Suite introduces a potiental vulnerability [CVE-2022-29217]
This is set in the requirements.txt file with a comment to 'FIXME '
The CVE for PyJWT has been patched in a later version of PyJWT, version 2.4.0
To Reproduce
pip install scoutsuite
Additional Notes
I understand it won't be as simple as just upgrading the package but please can this be looked into. Dependabot alerts get annoying for such things and your tool is useful.
Hi @fernando-gallego @johnwaghorn, I have looked into scoutsuite and would like to contribute to fixing this issue. If possible, can you assign this issue to me?
Describe the bug
To Reproduce
Additional Notes