When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/#CVE-2021-29952
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-29952