Jun Yang

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 149 Thunderbird versions prior to 149 **Description** A security issue exists due to a use-after-free condition within the Graphics: Canvas2D component. This can lead to a sandbox escape. **Recommendations** Update Firefox to version 149 or later. Update Thunderbird to version 149 or later.

**Nome do Software Vulnerável e Versões Afetadas** Versões do Firefox anteriores à 148.0.2 **Descrição** Existe um contorno da política de mesma origem no componente de Análise e Computação de CSS. Isso permite que atores potencialmente maliciosos contornem restrições de segurança projetadas para isolar páginas web umas das outras. **Recomendações** Atualize o Firefox para a versão 148.0.2 ou posterior.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 149 Firefox ESR versions prior to 115.34 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 **Description** The Graphics Canvas2D component contains incorrect boundary conditions. This can lead to potential issues with how graphics are rendered. **Recommendations** Update Firefox to version 149 or later. Update Firefox ESR to version 115.34 or later. Update Firefox ESR to version 140.9 or later. Update Thunderbird to version 149 or later. Update Thunderbird to version 140.9 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 **Description** An issue exists in the Graphics: Canvas2D component due to uninitialized memory. **Recommendations** Update Firefox to version 149 or later. Update Firefox ESR to version 140.9 or later. Update Thunderbird to version 149 or later. Update Thunderbird to version 140.9 or later.