Because it’s confidential. Dev teams needs to allow users time to update, so there is always a delay. If you want more information you can see Security Vulnerabilities fixed in Firefox 124.0.1 — Mozilla which lists the CVEs (not everything applied to ESR or all platforms)
edited: linked the wrong release