CVE-2021-29500

Name of the Vulnerable Software and Affected Versions: bubble fireworks versions prior to 2021.BUILD-SNAPSHOT

Description: The issue concerns a vulnerability in the package where it did not properly verify the signature of JSON Web Tokens, allowing for the forgery of valid JWTs. This affects the bubble fireworks package, which is related to the Spring Framework.

Recommendations: For versions prior to 2021.BUILD-SNAPSHOT, update to version 2021.BUILD-SNAPSHOT or later to resolve the issue. As a temporary workaround, consider implementing additional signature verification for JSON Web Tokens until the update can be applied.