Address Bar Spoofing Vulnerability in Firefox for Android
CVE-2025-0244

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 7 January 2025

Summary

A vulnerability exists in Firefox for Android that allows attackers to spoof the browser's address bar when redirecting to an invalid protocol scheme. This may mislead users by presenting a falsified URL, thereby jeopardizing their security. Only users of Firefox versions below 134 on Android devices are affected. Other operating systems and Firefox versions remain unaffected, highlighting the need for vigilance in mobile browsing.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1929584

https://www.mozilla.org/security/advisories/mfsa2025-01/

Timeline

Vulnerability published
Jan 7, 2025