In today’s SensCy Cyber Alert, your SensCy team recommends Firefox users to apply security patches for several “High” vulnerabilities.
Mozilla Firefox announced earlier this week the release of Firefox Firefox 116, Firefox ESR 115.1, and Firefox ESR 102.14, which include nine patches for High-severity vulnerabilities.
The first vulnerability, tracked CVE-2023-4045, a cross-origin restrictions bypass in Offscreen Canvas, allows web pages to view images displayed in a page from a different site.
The second vulnerability, tracked CVE-2023-4046, is the use of incorrect value during WASM compilation, “In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process,” Mozilla explained.
Most of the ‘High” vulnerabilities impacted Firefox Thunderbird and were addressed in Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14.
If you have any questions, please contact your Cyber Advocate.