How severe is CVE-2019-9535?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2019-9535?

This is classified as CWE-349, which is a common weakness in software security.

CVE-2019-9535 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execute arbitrary commands on their victim's computer by providing malicious output to the terminal. It could be exploited using command-line utilities that print attacker-controlled content.

Related Vulnerabilities

CVE-2023-51655

CRITICAL

CVSS:9.8(Critical)

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration

CWE-3492023

CVE-2018-1131

HIGH

CVSS:8.8(High)

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious obje...

CWE-3492018

CVE-2023-51655

CRITICAL

CVSS:9.8(Critical)

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration

CWE-3492023

CVE-2018-1131

HIGH

CVSS:8.8(High)

CWE-3492018

CVE-2020-8023

HIGH

CVSS:7.8(High)

A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise D...

CWE-3492020

CVE-2024-52555

HIGH

CVSS:7.8(High)

In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script

CWE-3492024