#2556 closed defect (fixed)

FireFox CVE-2019-11707: Type confusion in Array.pop

Reported by: anonymous maybe Owned by: Meeh
Priority: critical Milestone: undecided
Component: apps/browser Version: n/a
Keywords: Cc:
Parent Tickets: Sensitive: no


All types of Firefox and TBB and so as I2P Browser are now effected to:


Mozilla firefox now upgraded through all channels , TBB didnt push the update yet.

So better to be aware of that on the current version of I2PBrowser is effected to this vulnerability.


Change History (5)

comment:1 Changed 22 months ago by anonymous maybe

Update: Tor Project has pushed the latest fixation for TBB.

I2PBrowser left to fix it

comment:2 Changed 22 months ago by Meeh

Yea then we'll push one soon as well.

comment:3 Changed 22 months ago by Meeh

TBB is gonna come with a release as well, but they also seemingly think "safer" and "safest" security levels in their browser is not affected. We don't got that so I have to assume we're vulnerable then.

comment:5 Changed 22 months ago by Meeh

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.