Mozilla has addressed a critical memory corruption vulnerability affecting its Network Security Services (NSS) set of cryptography libraries. The security flaw was found by Google researcher in NSS versions before 3.73 or 3.68.1 ESR. Vulnerability is tracked as CVE-2021-43527. The impact of successful heap overflow exploitation can be program crashes and arbitrary code execution to bypass security software.

Source: bleepingcomputer.com