CVE-2025-4084: 
NixOS vulnerability analysis and mitigation

CVE-2025-4084 is a security vulnerability discovered in Mozilla Firefox's 'copy as cURL' feature, disclosed on April 29, 2025. The vulnerability affects Firefox ESR versions < 128.10, Firefox ESR < 115.23, and Thunderbird < 128.10, specifically impacting only Firefox for Windows installations (Mozilla Advisory, NVD).

The vulnerability stems from insufficient escaping of special characters in the 'copy as cURL' feature. This implementation flaw specifically relates to the handling of special characters, including the ampersand character, in the command generation process. The vulnerability has been assigned a CVSS 3.1 Base Score of 5.7 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N and is classified under CWE-116 (Improper Encoding or Escaping of Output) (Mozilla Advisory, NVD).

The vulnerability has been classified with a moderate impact rating. If successfully exploited, it could lead to local code execution on the user's system, potentially allowing an attacker to execute arbitrary commands with the privileges of the current user (Mozilla Advisory, Wiz).

Mozilla has addressed this vulnerability in Firefox ESR 128.10, Firefox ESR 115.23, and Thunderbird ESR 128.10. Users are strongly advised to update their software to these latest versions to mitigate the risk. Organizations should apply appropriate updates provided by Mozilla to vulnerable systems immediately after appropriate testing (Mozilla Advisory).