It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context.
{ "binaries": [ { "binary_name": "firefox", "binary_version": "100.0.2+build1-0ubuntu0.18.04.1" }, { "binary_name": "firefox-dev", "binary_version": "100.0.2+build1-0ubuntu0.18.04.1" }, { "binary_name": "firefox-geckodriver", "binary_version": "100.0.2+build1-0ubuntu0.18.04.1" }, { "binary_name": "firefox-mozsymbols", "binary_version": "100.0.2+build1-0ubuntu0.18.04.1" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "firefox", "binary_version": "100.0.2+build1-0ubuntu0.20.04.1" }, { "binary_name": "firefox-dev", "binary_version": "100.0.2+build1-0ubuntu0.20.04.1" }, { "binary_name": "firefox-geckodriver", "binary_version": "100.0.2+build1-0ubuntu0.20.04.1" }, { "binary_name": "firefox-mozsymbols", "binary_version": "100.0.2+build1-0ubuntu0.20.04.1" } ], "availability": "No subscription required" }