Public CVE-2021-3483 disclosure

A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval.