| Release | Version |
|---|---|
| jessie | 0.9.1.2-9+deb8u1 |
| stretch | 0.9.1.2-9+deb9u1 |
| buster | 0.9.1.2-10 |
| bullseye | 0.9.1.2-10 |
| bookworm | 0.9.1.2-10 |
| trixie | 0.9.1.2-10 |
| sid | 0.9.1.2-10 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-5427 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack whe ... |
| Bug | Description |
|---|---|
| CVE-2018-20433 | c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mcha ... |
| DSA / DLA | Description |
|---|---|
| DLA-1621-1 | c3p0 - security update |