Xuehao Guo

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 150.0.1 Firefox ESR versions prior to 140.10.1 Firefox ESR versions prior to 115.35.1 Thunderbird versions prior to 150.0.1 Thunderbird versions prior to 140.10.1 **Description** Incorrect boundary conditions in the Audio/Video component lead to information disclosure. **Recommendations** Update to version 150.0.1 Update to version 140.10.1 Update to version 115.35.1 Update to version 150.0.1 Update to version 140.10.1

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 150 Firefox ESR versions prior to 115.35 Firefox ESR versions prior to 140.10 Thunderbird versions prior to 150 Thunderbird versions prior to 140.10 **Description** A use-after-free issue exists in the JavaScript Engine component. Use-after-free is a memory corruption flaw that occurs when an application continues to use a pointer after it has been freed. **Recommendations** Update to version 150 Update to version 115.35 Update to version 140.10 Update to version 150 Update to version 140.10