Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2025/06/17 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-7571-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04882EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.38 views

Ubuntu 16.04 ESM : c3p0 vulnerability (USN-5293-2)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5293-2 advisory. USN-5293-1 fixed a vulnerability in c3p0. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description bloc...

7.5CVSS6.9AI score0.04882EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2020-0051)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.04882EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/05/29 12:0 a.m.43 views

Fedora 29 : c3p0 (2019-063672154a)

Update to version 0.9.5.4. Resolves CVE-2018-20433 and CVE-2019-5427. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

9.8CVSS6.9AI score0.04882EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/05/29 12:0 a.m.42 views

Fedora 30 : c3p0 (2019-cb14e234fc)

Update to version 0.9.5.4. Resolves CVE-2018-20433 and CVE-2019-5427. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

9.8CVSS6.9AI score0.04882EPSS
Exploits1References3
CVE
CVE
added 2019/04/22 8:52 p.m.193 views

CVE-2019-5427

CVE-2019-5427 affects c3p0, where versions older than 0.9.5.4 are vulnerable to a billion laughs (XML entity expansion) attack when loading XML configuration due to missing protections against recursive entity expansion. Public sources in connected documents confirm the issue exists in c3p0

7.5CVSS7.2AI score0.04882EPSS
Exploits1References8Affected Software1
Veracode
Veracode
added 2018/12/26 1:56 a.m.32 views

XML External Entity (XXE)

c3p0 is vulnerable to XML external entity XXE attacks. The external entity expansion is not disabled in the XML parser, which would allow a remote attacker to perform XXE attacks via a crafted XML document. This CVE is also known as CVE-2019-5427...

9.8CVSS8.1AI score0.04882EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder