Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3. The CVE IDs addressed in the latest version are as follows:
CVE ID | Description | Severity |
| Download origin spoofing via redirect | Moderate |
| XSS when pasting attacker-controlled data into a contenteditable element | Moderate |
| When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario | Moderate
|
| Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 | High |
| Use-After-Free in WebGL | High |
| Download origin spoofing via redirect | Moderate |
| XSS when pasting attacker-controlled data into a contenteditable element | Moderate |
| When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario | Moderate |
| Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 | High |
| Memory safety bugs fixed in Firefox 81 | High |
Patch Manager Plus now supports patches to address the aforementioned CVEs for Windows, Mac, and Linux.
The patch details are as follows:
Patch Details:
Patch ID : 316098
Bulletin ID : TU-027
Patch Description : Mozilla Firefox (81.0)
Patch ID : 316099
Bulletin ID : TU-027
Patch Description : Mozilla Firefox (x64) (81.0)
Patchid : 316100
BulletinID : TU-054
PatchDescription : Mozilla Firefox ESR (78.3.0)
Patch ID : 316101
Bulletin ID : TU-054
Patch Description : Mozilla Firefox ESR (x64) (78.3.0)
Happy patching!