USN-5293-1: c3p0 vulnerability
Aaron Massey discovered that c3p0 could be made to crash when
parsing certain input. An attacker able to modify the application’s
XML configuration file could cause a denial of service.
Source: USN-5293-1: c3p0 vulnerability