6.5
CVSSv3

CVE-2025-23109

CVSSv4: NA | CVSSv3: 6.5 | CVSSv2: NA | VMScore: 750 | EPSS: 0.00043 | KEV: Not Included
Published: 11/01/2025 Updated: 13/01/2025

Vulnerability Summary

Hostname Spoofing Vulnerability in Firefox for iOS Versions Below 134

In Firefox for iOS versions earlier than 134, a vulnerability exists where long hostnames in URLs can be used to hide the real host of a website or mimic its address.

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox for ios

Vendor Advisories

Mozilla Foundation Security Advisory 2025-06 Security Vulnerabilities fixed in Firefox for iOS 134 Announced January 10, 2025 Impact moderate Products Firefox for iOS Fixed in Firefox for iOS 134 ...