{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-0244", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-01-06T14:49:13.692Z", "datePublished": "2025-01-07T16:07:04.905Z", "dateUpdated": "2026-04-13T14:29:52.692Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "134", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. <br>*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134."}]}], "title": "Address bar spoofing using an invalid protocol scheme on Firefox for Android", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929584"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-01/"}], "credits": [{"lang": "en", "value": "Umar Farooq"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:29:52.692Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-601", "lang": "en", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-08T15:16:18.072403Z", "id": "CVE-2025-0244", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-08T15:24:32.529Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-0244", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-08T15:16:18.072403Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-08T15:24:26.008Z"}}], "cna": {"title": "Address bar spoofing using an invalid protocol scheme on Firefox for Android", "credits": [{"lang": "en", "value": "Umar Farooq"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "134", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929584"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-01/"}], "descriptions": [{"lang": "en", "value": "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134.", "supportingMedia": [{"type": "text/html", "value": "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. <br>*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:29:52.692Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0244", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:29:52.692Z", "dateReserved": "2025-01-06T14:49:13.692Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-01-07T16:07:04.905Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FDCA935-A68D-404E-A749-CA3845C709F0", "versionEndExcluding": "134.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134."}, {"lang": "es", "value": "Al redirigir a un esquema de protocolo no v\u00e1lido, un atacante podr\u00eda falsificar la barra de direcciones. *Nota: este problema solo afecta a los sistemas operativos Android. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Firefox &lt; 134."}], "id": "CVE-2025-0244", "lastModified": "2026-04-13T15:16:34.657", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-07T16:15:39.073", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929584"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "firefox: Address bar spoofing using an invalid protocol scheme on Firefox for Android", "id": "2336187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336187"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "status": "draft"}, "cwe": "CWE-451", "details": ["When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134.", "A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When redirecting to an invalid protocol scheme, an attacker could spoof the address bar."], "name": "CVE-2025-0244", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-07T16:07:04Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-0244\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-0244\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1929584\nhttps://www.mozilla.org/security/advisories/mfsa2025-01/"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. This issue only affected Android operating systems. Other operating systems are unaffected.", "threat_severity": "Important"}

{"analysis": {"en": {"generated_at": "2026-04-20T18:34:52.335003+00:00", "value": {"mitigation_remediation": ["Upgrade Firefox on all Android devices to version 134 or later.", "Ensure the Android operating system on those devices remains current so that the new browser bundle is installed automatically.", "If an upgrade is temporarily infeasible, remove or disable any legacy Firefox installations until an update can be applied."], "summary": {"action": "Patch", "impact": "Address bar spoofing via invalid protocol scheme"}, "threat_synthesis": {"affected_systems": "Any installation of Mozilla Firefox running on Android devices that is older than version 134 is susceptible. The issue does not affect Firefox on other operating systems or Firefox 134 and later, which include the fix that validates the scheme before updating the UI.", "description_and_impact": "The flaw allows a malicious web page to trigger a redirect to an invalid protocol scheme. Firefox for Android then displays the attacker\u2011supplied URL in the address bar, creating a visual spoof that can mislead users into believing they are on a trusted site while unknowingly interacting with malicious content. The weakness lies in improper validation of the scheme component, as identified by CWE\u2011451 and CWE\u2011601, and can jeopardize confidentiality and integrity by enabling deceptive interactions.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, while the EPSS score of 7% reflects a modest likelihood of exploitation. The vulnerability is not listed in CISA\u2019s KEV catalog, suggesting no widespread exploitation has been observed. Attackers would need to lure a user to click a crafted link or visit a malicious site; no elevated privileges are required. Because the flaw is limited to Android, the attack surface is confined to mobile users running older Firefox versions."}}}}, "created": "2026-04-20T18:45:14.239524+00:00", "updated": "2026-04-20T18:45:14.239535+00:00", "vendors": []}