Medium severity4.3NVD Advisory· Published May 21, 2025· Updated Apr 13, 2026
CVE-2025-5020
CVE-2025-5020
Description
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <139
- osv-coords2 versions
< 139.0-r0+ 1 more
- (no CPE)range: < 139.0-r0
- (no CPE)range: < 139.0-r0
Patches
Vulnerability mechanics
References
2- www.mozilla.org/security/advisories/mfsa2025-39/nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdPermissions Required
News mentions
0No linked articles in our index yet.