Yaniv

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 101 Firefox ESR versions prior to 91.10 Thunderbird versions prior to 91.10 **Description** The issue is related to errors during variable initialization, which can be exploited by a remote attacker using a specially crafted message, potentially leading to a denial of service or further memory corruption. A crafted CMS message could be processed incorrectly, resulting in an invalid memory read. **Recommendations** For Firefox versions prior to 101, update to version 101 or later. For Firefox ESR versions prior to 91.10, update to version 91.10 or later. For Thunderbird versions prior to 91.10, update to version 91.10 or later.