Pham Bao

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 84 Thunderbird versions prior to 78.6 Firefox ESR versions prior to 78.6 **Description** The issue arises when `flex-basis` is used on a table wrapper, causing a `StyleGenericFlexBasis` object to be incorrectly cast to the wrong type. This results in a heap user-after-free, memory corruption, and a potentially exploitable crash. **Recommendations** For Firefox versions prior to 84, update to version 84 or later. For Thunderbird versions prior to 78.6, update to version 78.6 or later. For Firefox ESR versions prior to 78.6, update to version 78.6 or later.