Stevej

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 151 Firefox ESR versions prior to 115.36 Firefox ESR versions prior to 140.11 Thunderbird versions prior to 151 Thunderbird versions prior to 140.11 **Description** A use-after-free issue in the Disability Access APIs component allows for a sandbox escape. Use-after-free is a memory corruption flaw that occurs when an application continues to use a pointer after it has been freed. **Recommendations** Update to version 151 Update to version 115.36 Update to version 140.11 Update to version 151 Update to version 140.11

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 148 **Description** An information disclosure issue exists in Firefox and Firefox Focus for Android due to uninitialized memory. This can potentially allow an attacker to access sensitive information. **Recommendations** Update Firefox to version 148 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 **Description** An issue exists due to incorrect boundary conditions within the Graphics: ImageLib component. **Recommendations** Update Firefox to version 148 or later. Update Firefox ESR to version 115.33 or later. Update Firefox ESR to version 140.8 or later. Update Thunderbird to version 148 or later. Update Thunderbird to version 140.8 or later.