Security Fix: Mozilla: libusrsctp library out of date Mozilla: Arbitrary file read from GTK drag and drop on Linux Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 Mozilla: Malicious command could be hidden in devtools output Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation Mozilla: Content Security Policy wasn#39;t being correctly applied to WebSockets in WebWorkers Mozilla: Fullscreen notification bypass Mozilla: Calls to lt;codegt;console.loglt;/codegt; allowed bypasing Content Security Policy via format directive For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.