Use-After-Free Vulnerability in HTTP/2 Stream Closure

Use-After-Free Vulnerability in HTTP/2 Stream Closure

CVE-2019-11713 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

Learn more about our Web Application Penetration Testing UK.