Firefox for iOS
CVEs (58)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-27426 | | Med | 0.35 | 5.4 | 0.00 | | Mar 4, 2025 | Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox for iOS 136. |
| CVE-2026-53900 | | Med | 0.28 | 4.3 | 0.00 | | Jun 16, 2026 | Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP redirects in TemporaryDocument, allowing a malicious site to inject arbitrary cookies into requests to an unrelated target domain. This vulnerability was fixed in Firefox for iOS 152.0. |
| CVE-2026-2032 | | Med | 0.28 | 4.3 | 0.00 | | Feb 16, 2026 | Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1. |
| CVE-2025-5020 | | Med | 0.28 | 4.3 | 0.00 | | May 21, 2025 | Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139. |
| CVE-2025-27425 | | Med | 0.28 | 4.3 | 0.00 | | Mar 4, 2025 | Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136. |
| CVE-2025-27424 | | Med | 0.28 | 4.3 | 0.00 | | Mar 4, 2025 | Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136. |
| CVE-2025-23108 | | Med | 0.28 | 4.3 | 0.00 | | Jan 11, 2025 | Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability was fixed in Firefox for iOS 134. |
| CVE-2025-10859 | | Med | 0.26 | 4.0 | 0.00 | | Sep 30, 2025 | Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1. |
| CVE-2024-53976 | | | 0.00 | — | 0.00 | | Nov 26, 2024 | Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS < 133. |
| CVE-2024-53975 | | | 0.00 | — | 0.00 | | Nov 26, 2024 | Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS < 133. |
| CVE-2024-10004 | | | 0.00 | — | 0.00 | | Oct 15, 2024 | Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly. This vulnerability affects Firefox for iOS < 131.2. |
| CVE-2024-43111 | | | 0.00 | — | 0.00 | | Aug 6, 2024 | Long pressing on a download link could potentially allow Javascript commands to be executed within the browser. This vulnerability affects Firefox for iOS < 129. |
| CVE-2024-43113 | | | 0.00 | — | 0.00 | | Aug 6, 2024 | The contextual menu for links could provide an opportunity for cross-site scripting attacks. This vulnerability affects Firefox for iOS < 129. |
| CVE-2024-43112 | | | 0.00 | — | 0.00 | | Aug 6, 2024 | Long pressing on a download link could potentially provide a means for cross-site scripting. This vulnerability affects Firefox for iOS < 129. |
| CVE-2024-38312 | | | 0.00 | — | 0.00 | | Jun 13, 2024 | When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination. This vulnerability affects Firefox for iOS < 127. |
| CVE-2024-38313 | | | 0.00 | — | 0.00 | | Jun 13, 2024 | In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address. This vulnerability affects Firefox for iOS < 127. |
| CVE-2024-31392 | | | 0.00 | — | 0.00 | | Apr 3, 2024 | If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status. This vulnerability affects Firefox for iOS < 124. |
| CVE-2024-31393 | | | 0.00 | — | 0.00 | | Apr 3, 2024 | Dragging Javascript URLs to the address bar could cause them to be loaded, bypassing restrictions and security protections. This vulnerability affects Firefox for iOS < 124. |
| CVE-2024-26281 | | | 0.00 | — | 0.00 | | Feb 22, 2024 | Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123. |
| CVE-2024-26282 | | | 0.00 | — | 0.00 | | Feb 22, 2024 | Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123. |