CVE-2025-8030 Potential user-assisted code execution in “Copy as cURL” command

🗓️ 22 Jul 2025 20:49:25Reported by mozillaType

Insufficient escaping in "Copy as cURL" in Firefox and Thunderbird could execute unexpected code

Reporter	Title	Published	Views	Family All 431
FreeBSD	Mozilla -- Insufficient input escaping	22 Jul 202500:00	–	freebsd
ATTACKERKB	CVE-2025-8030	22 Jul 202520:49	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : firefox (ALAS2023-2025-1148)	18 Aug 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird (ALAS-2025-2946)	4 Aug 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2025-041)	4 Aug 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : firefox (ALSA-2025:11747)	30 Jul 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : firefox (ALSA-2025:11748)	30 Jul 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : firefox (ALSA-2025:11797)	9 Oct 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : thunderbird (ALSA-2025:12187)	30 Jul 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : thunderbird (ALSA-2025:12188)	9 Oct 202500:00	–	nessus

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "128.13",
        "lessThanOrEqual": "128.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "140.1",
        "lessThanOrEqual": "140.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "141",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  },
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "128.13",
        "lessThanOrEqual": "128.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "140.1",
        "lessThanOrEqual": "140.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "141",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  }
]

Source	Link
mozilla	www.mozilla.org/security/advisories/mfsa2025-59/
mozilla	www.mozilla.org/security/advisories/mfsa2025-63/
mozilla	www.mozilla.org/security/advisories/mfsa2025-62/
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/security/advisories/mfsa2025-61/
mozilla	www.mozilla.org/security/advisories/mfsa2025-56/
mozilla	www.mozilla.org/security/advisories/mfsa2025-58/

13 Apr 2026 14:26Current

EPSS0.00277

cve-2025-8030 firefox vulnerability code execution risk copy as curl feature