EncryptingOutputStream
was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
{ "binaries": [ { "binary_version": "121.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox" }, { "binary_version": "121.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox-dev" }, { "binary_version": "121.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox-geckodriver" }, { "binary_version": "121.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox-mozsymbols" } ], "availability": "No subscription required" }