{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "3.9" }, { "fixed": "3.9.99" } ] }, { "events": [ { "introduced": "3.10" }, { "fixed": "3.10.163" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "3.11.104" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "5.0.0" } ] }, "events": [ { "introduced": "0" }, { "fixed": "904ddffc8d370421783f0917797617bfce508854" } ], "repo": "https://github.com/xtermjs/xterm.js", "type": "GIT" } ] } ], "details": "A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka \"Xterm Remote Code Execution Vulnerability.\" This affects xterm.js.", "id": "CVE-2019-0542", "modified": "2026-04-01T23:09:14.663812211Z", "published": "2019-01-09T15:29:00.213Z", "references": [ { "type": "WEB", "url": "http://www.securityfocus.com/bid/106434" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2019:2552" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHBA-2019:0959" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2019:1422" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2019:2551" }, { "type": "PACKAGE", "url": "https://github.com/xtermjs/xterm.js/releases" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }