Hi,
A few moments ago, three merge requests landed that fixed a recently reported security issue that could potentially be problematic in multi user systems on distributions where the /tmp/.X11-unix/ directory is not set up correctly. Distributions using systemd are not affected, nor is any distribution that sets up said directory correctly using some other mechanism. For users on multi user system on a distribution that doesn’t do this, the fix is likely more important.
See Service Desk (from fabian@ritter-vogt.de): New Security Issue (#1708) · Issues · GNOME / mutter · GitLab for information about the security issue.
The issue was fixed in xwayland: Check permissions on /tmp/.X11-unix (!1787) · Merge requests · GNOME / mutter · GitLab, and backported to 3.38 in [Backport to 3-38] xwayland: Check permissions on /tmp/.X11-unix (!1788) · Merge requests · GNOME / mutter · GitLab 3.36 in [Backport to 3-36] xwayland: Check permissions on /tmp/.X11-unix (!1789) · Merge requests · GNOME / mutter · GitLab.
Many thanks to Fabian for reporting the issue, and @ofourdan for fixing it.