We are not vulnerable to the Chrome exploit that's in the wild, which uses Web Codecs APIs that Firefox does not support (yet). But WebRTC can encode using VP8 and it's possible the bug could be triggered in Firefox by manipulating input streams to that.
Bug 1855550 Comment 4 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
We are not vulnerable to the Chrome exploit that's in the wild, which uses Web Codecs APIs that Firefox does not support (yet). But WebRTC can encode using VP8 and it's possible the bug could be triggered in Firefox by manipulating input streams to that. Update: we later discovered that the MediaRecorder API also uses the vulnerable libvpx encoder, and we believe it could be used to trigger the vulnerability in Firefox.