Mozilla · Firefox · CVE-2018-5153
**Name of the Vulnerable Software and Affected Versions**
Firefox versions prior to 60
**Description**
The issue is an out-of-bounds read in the Firefox browser's WebSocket component that can allow a remote attacker to disclose protected information. If WebSocket data is sent with mixed text and binary in a single message, the binary data can be corrupted, resulting in an out-of-bounds read. The memory that was read can then be sent to the originating server in response.
**Recommendations**
For versions prior to 60, update to version 60 or later to resolve the issue. As a temporary workaround until the update can be applied, consider avoiding the use of mixed text and binary data in a single WebSocket message, and restrict access to sensitive information that could be disclosed through this issue.