A remote code execution in Firefox caused by the expiration of certificate pins was patched by Mozilla in Firefox 49 and Firefox ESR 45.4.
Tag Archives: HPKP
Mozilla Patching Firefox Certificate Pinning Vulnerability
Mozilla is expected tomorrow to patch a critical certificate pinning vulnerability in Firefox’s automated update process for extensions.