VYPR

Firefox for iOS

by Mozilla Corporation

CVEs (58)

  • CVE-2026-2634 | Cri | Feb 24, 2026
    risk 0.64 | cvss 9.8 | epss 0.00

    Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4.

  • CVE-2025-55031 | Cri | Aug 19, 2025
    risk 0.64 | cvss 9.8 | epss 0.00

    Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This…

  • CVE-2025-54143 | Cri | Aug 19, 2025
    risk 0.64 | cvss 9.8 | epss 0.00

    Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.

  • CVE-2023-49060 | Cri | Nov 21, 2023
    risk 0.64 | cvss 9.8 | epss 0.01

    An attacker could have accessed internal pages or data by exfiltrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for iOS < 120.

  • CVE-2022-1887 | Cri | Dec 22, 2022
    risk 0.64 | cvss 9.8 | epss 0.01

    The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.

  • CVE-2017-14876 | Cri | Mar 30, 2018
    risk 0.64 | cvss 9.8 | epss 0.01

    In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write.

  • CVE-2017-14918 | Cri | Dec 5, 2017
    risk 0.64 | cvss 9.8 | epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.

  • CVE-2017-14917 | Cri | Dec 5, 2017
    risk 0.64 | cvss 9.8 | epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.

  • CVE-2025-54145 | Cri | Aug 19, 2025
    risk 0.59 | cvss 9.1 | epss 0.00

    The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141.

  • CVE-2024-10004 | Cri | Oct 15, 2024
    risk 0.59 | cvss 9.1 | epss 0.00

    Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly. This vulnerability affects Firefox for iOS < 131.2.

  • CVE-2024-26283 | Hig | Feb 22, 2024
    risk 0.51 | cvss 7.8 | epss 0.00

    An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.

  • CVE-2017-14892 | Hig | Mar 30, 2018
    risk 0.51 | cvss 7.8 | epss 0.00

    In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access.

  • CVE-2017-11081 | Hig | Jan 10, 2018
    risk 0.51 | cvss 7.8 | epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can…

  • CVE-2025-55029 | Hig | Aug 19, 2025
    risk 0.49 | cvss 7.5 | epss 0.00

    Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.

  • CVE-2024-31392 | Hig | Apr 3, 2024
    risk 0.49 | cvss 7.5 | epss 0.00

    If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status. This vulnerability affects Firefox for iOS < 124.

  • CVE-2020-6830 | Hig | May 26, 2020
    risk 0.49 | cvss 7.5 | epss 0.01

    For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability…

  • CVE-2017-14875 | Hig | Mar 30, 2018
    risk 0.49 | cvss 7.5 | epss 0.01

    In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.

  • CVE-2020-15647 | Hig | Aug 10, 2020
    risk 0.48 | cvss 7.4 | epss 0.01

    A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.

  • CVE-2024-26282 | Hig | Feb 22, 2024
    risk 0.46 | cvss 7.1 | epss 0.00

    Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.

  • CVE-2026-53899 | Med | Jun 16, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0.

Page 1 of 3