CVE-2025-0244

Summary

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 134.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox134 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References