Mozilla pushed out two security patches for Firefox on Oct. 20 rated as potentially having a high impact on users of the popular browser.
The first vulnerability, CVE-2016-5287, was “a potential exploitable use-after-free crash during actor destruction with service workers, “ according to the patch report. It does not affect release version earlier than Firefox 49.
The second, CVE-2016-5288, was discovered by a Cliqz.com developer who showed that web content could access information in the HTTP cache if e10s is disabled and it affects Firefox versions 48 and 49.
Both issues were patched with the release of Firefox 49.0.2.