VYPR

bubble fireworks

by Bubble Fireworks

CVEs (1)

  • CVE-2021-29500HigJun 4, 2021
    risk 0.49cvss 7.5epss 0.01

    bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks before version 2021.BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs.