Vulnerabilities (CVE)

Filtered by vendor Bubble Fireworks Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-29500 1 Bubble Fireworks Project 1 Bubble Fireworks 2024-11-21 5.0 MEDIUM 7.5 HIGH
bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks before version 2021.BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs.