Ok, to make it a bit technical…
Fun facts about this Firefox bug: (1) According to Mozilla, it got introduced in 2003, it predates Firefox 1.0! (2) Although it’s a UaF, it doesn’t rely on any JS callback, the entire PoC is a single function. (3) It was a purely manual find and just a fun bug to PoC
https://x.com/ifsecure/status/1897676576109596821
Mozilla promoted Firefox 136 to the stable channel with patches for 15 vulnerabilities, including eight high-severity bugs, five medium-severity issues, and two low-severity defects.
The high-severity vulnerabilities could lead to sandbox escape, users being tricked into granting sensitive permissions, potentially exploitable crashes, potentially exploitable out-of-bounds access, and arbitrary code execution.
On Tuesday, Mozilla also announced the release of Firefox ESR 128.8 with patches for 10 vulnerabilities (including one critical- and six high-severity flaws) and Firefox ESR 115.21 with fixes for five security defects (one critical- and four high-severity bugs).
https://www.securityweek.com/chrome-134-firefox-136-patch-high-severity-vulnerabilities/