Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-0244

Опубликовано: 07 янв. 2025
Источник: redhat
CVSS3: 8.1
EPSS Низкий

Описание

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. Note: This issue only affected Android operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 134.

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When redirecting to an invalid protocol scheme, an attacker could spoof the address bar.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. This issue only affected Android operating systems. Other operating systems are unaffected.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 9firefoxNot affected
Red Hat Enterprise Linux 9firefox:flatpak/firefoxNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-451
https://bugzilla.redhat.com/show_bug.cgi?id=2336187firefox: Address bar spoofing using an invalid protocol scheme on Firefox for Android

EPSS

Процентиль: 34%
0.00131
Низкий

8.1 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-0244

CVSS3: 5.3
ubuntu
6 месяцев назад

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134.

nvd логотип

CVE-2025-0244

CVSS3: 5.3
nvd
6 месяцев назад

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134.

debian логотип

CVE-2025-0244

CVSS3: 5.3
debian
6 месяцев назад

When redirecting to an invalid protocol scheme, an attacker could spoo ...

github логотип

GHSA-68r8-f4jc-vc2p

CVSS3: 5.3
github
6 месяцев назад

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134.

fstec логотип

BDU:2025-02404

CVSS3: 8.1
fstec
6 месяцев назад

Уязвимость браузера Mozilla Firefox, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю подменить адресную строку

EPSS

Процентиль: 34%
0.00131
Низкий

8.1 High

CVSS3