CVE-2021-29500
04.06.2021, 20:15
bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks before version 2021.BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs.Enginsight
Vendor | Product | Version |
---|---|---|
bubble_fireworks_project | bubble_fireworks | 𝑥 < 2021.build-snapshot |
𝑥
= Vulnerable software versions
Common Weakness Enumeration