{"id":"CVE-2019-0542","details":"A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka \"Xterm Remote Code Execution Vulnerability.\" This affects xterm.js.","aliases":["GHSA-mc23-976p-j42x"],"modified":"2026-04-02T01:27:12.433964Z","published":"2019-01-09T15:29:00.213Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/106434"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2552"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHBA-2019:0959"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1422"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2551"},{"type":"PACKAGE","url":"https://github.com/xtermjs/xterm.js/releases"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xtermjs/xterm.js","events":[{"introduced":"0"},{"fixed":"904ddffc8d370421783f0917797617bfce508854"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.0.0"}]}}],"versions":["0.10","0.11","0.12","0.13","0.14","0.15","0.16","0.17","0.18","0.19","0.20","0.21","0.22","0.23","0.24","0.25","0.26","0.27","0.29","0.3","0.30","0.31","0.32","0.33","0.4","0.5","0.6","0.7","0.8","0.9","0.9.1","0.9.2","0.9.3","1.0.0","1.1.0","1.1.1","1.1.2","1.1.3","2.0.0","2.0.1","2.1.0","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.3.1","2.3.2","2.4.0","2.5.0","2.6.0","2.7.0","2.8.0","2.8.1","2.9.0","2.9.1","2.9.2","3.0.0","3.0.1","3.0.2","3.1.0","3.10.0","3.10.1","3.11.0","3.12.0","3.12.1","3.12.2","3.13.0","3.13.1","3.13.2","3.14.0","3.14.1","3.14.2","3.14.4","3.14.5","3.2.0","3.3.0","3.4.0","3.4.1","3.5.0","3.5.1","3.6.0","3.7.0","3.8.0","3.8.1","3.9.0","3.9.1","3.9.2","4.0.0","4.0.1","4.0.2","4.1.0","4.10.0","4.11.0","4.12.0","4.13.0","4.14.0","4.14.1","4.15.0","4.16.0","4.17.0","4.18.0","4.19.0","4.2.0","4.3.0","4.4.0","4.5.0","4.6.0","4.7.0","4.8.0","4.8.1","4.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0542.json","unresolved_ranges":[{"events":[{"introduced":"3.9"},{"fixed":"3.9.99"}]},{"events":[{"introduced":"3.10"},{"fixed":"3.10.163"}]},{"events":[{"introduced":"0"},{"fixed":"3.11.104"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}