Description

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird ESR < 128.10.

INFO

Published Date :

2025-04-29T13:13:38.073Z

Last Modified :

2025-04-30T03:56:29.231Z

Source :

mozilla
AFFECTED PRODUCTS

The following products are affected by CVE-2025-4084 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4084.

URL Resource
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198 cve-icon cve-icon
https://www.mozilla.org/security/advisories/mfsa2025-29/ cve-icon cve-icon
https://www.mozilla.org/security/advisories/mfsa2025-30/ cve-icon cve-icon
https://www.mozilla.org/security/advisories/mfsa2025-32/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System