CVE-2019-11713

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
A use-after-free vulnerability can occur in the HTTP/2 component of Firefox before 68.0, when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash.
Group Package Affected Fixed Severity Status Ticket
AVG-1002 firefox 67.0.4-2 68.0-1 Critical Fixed
Date Advisory Group Package Severity Description
17 Jul 2019 ASA-201907-4 AVG-1002 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11713
https://bugzilla.mozilla.org/show_bug.cgi?id=1528481