CVE-2019-0542

A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js.

References

Affected packages

Debian:11 / node-xterm

Package

Name: node-xterm
Purl: pkg:deb/debian/node-xterm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.8.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / node-xterm

Package

Name: node-xterm
Purl: pkg:deb/debian/node-xterm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.8.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / node-xterm

Package

Name: node-xterm
Purl: pkg:deb/debian/node-xterm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.8.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/xtermjs/xterm.js

Affected ranges

Type: GIT
Repo: https://github.com/xtermjs/xterm.js
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

904ddffc8d370421783f0917797617bfce508854

Affected versions

0.*

0.10

0.11

0.12

0.13

0.14

0.15

0.16

0.17

0.18

0.19

0.20

0.21

0.22

0.23

0.24

0.25

0.26

0.27

0.29

0.3

0.30

0.31

0.32

0.33

0.4

0.5

0.6

0.7

0.8

0.9

0.9.1

0.9.2

0.9.3

1.*

1.0.0

1.1.0

1.1.1

1.1.2

1.1.3

2.*

2.0.0

2.0.1

2.1.0

2.2.0

2.2.1

2.2.2

2.2.3

2.3.0

2.3.1

2.3.2

2.4.0

2.5.0

2.6.0

2.7.0

2.8.0

2.8.1

2.9.0

2.9.1

2.9.2

3.*

3.0.0

3.1.0

3.10.0

3.11.0

3.12.0

3.13.0

3.14.0

3.2.0

3.3.0

3.4.0

3.5.0

3.6.0

3.7.0

3.8.0

3.9.0

4.*

4.0.0

4.1.0

4.10.0

4.11.0

4.12.0

4.13.0

4.14.0

4.14.1

4.15.0

4.16.0

4.17.0

4.18.0

4.19.0

4.2.0

4.3.0

4.4.0

4.5.0

4.6.0

4.7.0

4.8.0

4.8.1

4.9.0