High severity7.5NVD Advisory· Published Jun 4, 2021· Updated Jun 17, 2026
CVE-2021-29500
CVE-2021-29500
Description
bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks before version 2021.BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2021.BUILD-SNAPSHOT
- fxbin/bubble-fireworksv5Range: < 2021.BUILD-SNAPSHOT
Patches
Vulnerability mechanics
References
1- github.com/fxbin/bubble-fireworks/security/advisories/GHSA-hj36-84cp-29prnvdThird Party Advisory
News mentions
0No linked articles in our index yet.