Information on source package c3p0

Available versions

ReleaseVersion
jessie0.9.1.2-9
jessie (security)0.9.1.2-9+deb8u1
stretch0.9.1.2-9+deb9u1
buster0.9.1.2-10
bullseye0.9.1.2-10
sid0.9.1.2-10

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-5427vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablec3p0 version < 0.9.5.4 may be exploited by a billion laughs attack ...

Resolved issues

BugDescription
CVE-2018-20433c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mcha ...

Security announcements

DSA / DLADescription
DLA-1621-1c3p0 - security update

Search for package or bug name: Reporting problems