Security Advisory

CVE-2019-5427

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-22 20:52:56
Last updated 2024-08-04 19:54:53
Assigner hackerone
State PUBLISHED

Description

c3p0 versions < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration, due to missing protections against recursive entity expansion.