Backport fix for CVE-2022-43680

commit: https://github.com/mozilla/gecko-dev/commit/2d8b4d7c0bd1fe183df5352cd408595d8ad484a1