EncryptingOutputStream
was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "firefox", "binary_version": "121.0+build1-0ubuntu0.20.04.1" }, { "binary_name": "firefox-dev", "binary_version": "121.0+build1-0ubuntu0.20.04.1" }, { "binary_name": "firefox-geckodriver", "binary_version": "121.0+build1-0ubuntu0.20.04.1" }, { "binary_name": "firefox-mozsymbols", "binary_version": "121.0+build1-0ubuntu0.20.04.1" } ] }