CVE-2025-8036: 
NixOS vulnerability analysis and mitigation

CVE-2025-8036 is a security vulnerability discovered in Mozilla Firefox and Thunderbird that involves DNS rebinding attacks circumventing CORS (Cross-Origin Resource Sharing) protections. The vulnerability was reported by Viktor Bocz and disclosed on July 22, 2025. It affects Firefox versions prior to 141, Firefox ESR versions prior to 140.1, Thunderbird versions prior to 141, and Thunderbird ESR versions prior to 140.1 (Mozilla Advisory).

The vulnerability stems from a design flaw where Firefox and Thunderbird cached CORS preflight responses across IP address changes. This caching behavior allowed attackers to bypass CORS protections through DNS rebinding techniques. The vulnerability has been assigned a moderate severity rating, with a CVSS v3.1 base score of 8.1 HIGH (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N) (NVD).

The vulnerability could allow attackers to circumvent CORS protections through DNS rebinding attacks, potentially leading to unauthorized cross-origin requests. This could result in information disclosure and potential manipulation of protected resources across different origins (Mozilla Advisory).

The vulnerability has been fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird ESR 140.1. Users are advised to update their installations to these versions or later to mitigate the vulnerability (Mozilla Advisory).