Medium severity5.3NVD Advisory· Published Jan 7, 2025· Updated Apr 13, 2026
CVE-2025-0244
CVE-2025-0244
Description
When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <134.0
- (no CPE)range: <134
- osv-coords16 versionspkg:apk/chainguard/firefoxpkg:apk/chainguard/firefox-esrpkg:apk/wolfi/firefoxpkg:deb/ubuntu/mozjs102@102.15.1-0ubuntu0.22.04.1?arch=source&distro=jammypkg:deb/ubuntu/mozjs102@102.15.1-3ubuntu2?arch=source&distro=noblepkg:deb/ubuntu/mozjs115@115.10.0-1?arch=source&distro=noblepkg:deb/ubuntu/mozjs115@115.16.0-1?arch=source&distro=oracularpkg:deb/ubuntu/mozjs38@38.8.0~repack1-0ubuntu4?arch=source&distro=esm-apps/bionicpkg:deb/ubuntu/mozjs52@52.9.1-0ubuntu0.18.04.1?arch=source&distro=esm-infra/bionicpkg:deb/ubuntu/mozjs52@52.9.1-1ubuntu3?arch=source&distro=focalpkg:deb/ubuntu/mozjs68@68.6.0-1ubuntu1?arch=source&distro=focalpkg:deb/ubuntu/mozjs78@78.15.0-4ubuntu1?arch=source&distro=jammypkg:deb/ubuntu/mozjs91@91.10.0-0ubuntu1?arch=source&distro=jammypkg:deb/ubuntu/thunderbird@1:115.18.0+build1-0ubuntu0.20.04.1?arch=source&distro=focalpkg:deb/ubuntu/thunderbird@1:115.18.0+build1-0ubuntu0.22.04.1?arch=source&distro=jammypkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 134.0-r0+ 15 more
- (no CPE)range: < 134.0-r0
- (no CPE)range: < 134-r0
- (no CPE)range: < 134.0-r0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: < 134.0-1.1
Patches
Vulnerability mechanics
References
2- www.mozilla.org/security/advisories/mfsa2025-01/nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.