firefox-esr is vulnerable to denial of service. The vulnerability exists due to the lack of memory safety checks in the library, allowing an attacker to crash the application by providing malicious input.
bugzilla.mozilla.org/buglist.cgi?bug_id=1770630%2C1776658
bugzilla.redhat.com/show_bug.cgi?id=2120696
security-tracker.debian.org/tracker/CVE-2022-38478
www.mozilla.org/security/advisories/mfsa2022-33/
www.mozilla.org/security/advisories/mfsa2022-34/
www.mozilla.org/security/advisories/mfsa2022-35/
www.mozilla.org/security/advisories/mfsa2022-36/
www.mozilla.org/security/advisories/mfsa2022-37/