Mozilla has released security updates for Firefox and Thunderbird to address nine vulnerabilities, including high-severity flaws. Firefox 118 includes patches for all nine vulnerabilities, which are primarily memory-related issues that could lead to exploitable crashes. Two high-severity flaws are out-of-bounds write issues that could result in potentially exploitable crashes in privileged processes. Another high-severity bug is a memory leak issue that could be used to affect a sandbox escape if the correct data is leaked. The Ion compiler had a use-after-free condition, and there was a memory corruption issue in Ion Hints, both of which are now patched. Mozilla did not mention any active exploitation of these vulnerabilities. Users are advised to update their browsers and email clients to the latest versions to stay protected.
Read more: https://www.securityweek.com/firefox-118-patches-high-severity-vulnerabilities/