Certain canvas operations could have lead to memory corruption. This vulnerability was fixed in Firefox 139.0.4.