diff --git a/SPECS/python-jwt/CVE-2022-39227.nopatch b/SPECS/python-jwt/CVE-2022-39227.nopatch new file mode 100644 index 0000000000..6c8226f986 --- /dev/null +++ b/SPECS/python-jwt/CVE-2022-39227.nopatch @@ -0,0 +1,7 @@ +CVE-2022-39227 - This CVE does not impact us since this CVE is for davedoesdev/python-jwt, and we are using jpadilla/pyjwt. packages-mapping.json has been updated to fix future CVE scannings + +NIST +https://nvd.nist.gov/vuln/detail/CVE-2022-39227 + +Fix +n/a \ No newline at end of file diff --git a/SPECS/python-jwt/python-jwt.spec b/SPECS/python-jwt/python-jwt.spec index 57f8c75f2d..b5437e0d72 100644 --- a/SPECS/python-jwt/python-jwt.spec +++ b/SPECS/python-jwt/python-jwt.spec @@ -1,3 +1,4 @@ +# This package refers to PyJWT(https://github.com/jpadilla/pyjwt). Not to be confused with python-jwt(https://github.com/davedoesdev/python-jwt) # what it's called on pypi %global srcname PyJWT # what it's imported as @@ -17,7 +18,7 @@ encrypted JSON objects.} Name: python-%{pkgname} Version: 2.4.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: JSON Web Token implementation in Python License: MIT Vendor: Microsoft Corporation @@ -69,6 +70,9 @@ PYTHONPATH=%{buildroot}%{python3_sitelib} \ %endif %changelog +* Fri Sep 30 2022 Saul Paredes - 2.4.0-2 +- Updating to 2.4.0-2 to fix CVE-2022-39227 (no patch, false positive confusion with python-jwt. Scanning tool to be updated). + * Wed Jun 08 2022 Pawel Winogrodzki - 2.4.0-1 - Updating to 2.4.0 to fix CVE-2022-29217.
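Review bot: In the new CVE-2022-39227.nopatch, the first line says "packages-mapping.json has been updated to fix future CVE scannings", but this patch only touches the .nopatch file and python-jwt.spec, so that mapping change is not visible here. Either include the packages-mapping.json change in this patch or reword the sentence to say where the mapping update lands. The file also ends without a trailing newline (the "\ No newline at end of file" marker after "n/a"), which is worth fixing while the file is new.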
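Review bot: At the top of python-jwt.spec, the added comment sits directly above "# what it's called on pypi" with no blank line, so it reads as part of the %global srcname comment rather than as a package-level note. Suggest a blank line after it and a space before each parenthesised URL. Since the comment exists to prevent the PyJWT versus davedoesdev/python-jwt mix-up, it could also point at CVE-2022-39227.nopatch so the next reader finds the reasoning.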
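Review bot: In the %changelog hunk, the new entry says "Updating to 2.4.0-2 to fix CVE-2022-39227" and then, in parentheses, that there is no patch and the finding is a false positive. Anyone searching the changelog for this CVE will read the first half as an applied fix. Suggest wording that states the status directly, for example "Adding nopatch file for CVE-2022-39227 (not applicable, CVE is for davedoesdev/python-jwt)". The entry also says "Scanning tool to be updated" while the .nopatch file says packages-mapping.json "has been updated"; the two should agree.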