Filtered by vendor Bubble Fireworks Project Subscriptions
Filtered by product Bubble Fireworks Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-29500 1 Bubble Fireworks Project 1 Bubble Fireworks 2024-11-21 7.5 High
bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks before version 2021.BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs.