The Mozilla Foundation has released Firefox 82.0.3 that includes a security fix for a Critical vulnerability CVE-2020-26950.
An attacker could exploit the vulnerability to take control of impacted systems.
As part of Mozilla Foundation Security Advisory 2020-49, Firefox 82.0.3 patched a MCallGetProperty vulnerability CVE-2020-26950.
According to Mozilla, “the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition.”
The vulnerability update also affects Firefox ESR 78.4.1 and Thunderbird 78.4.2.