Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
https://bugzilla.mozilla.org/show_bug.cgi?id=1663466
https://www.mozilla.org/security/advisories/mfsa2020-54/