A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash.
An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash.
Cross-origin images can be read from a canvas
element in violation of the same-origin policy using the transferFromImageBitmap
method.
Note: This only affects Firefox 65. Previous versions are unaffected.