Security Advisory

CVE-2025-5020

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-21 17:18:08

Last updated 2026-04-13 14:30:18

Assigner mozilla

State PUBLISHED

Description

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.

← Browse all CVEs View on cve.org ↗