Vulnerability CVE-2025-0246: Information
Description
When using an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* *Note: This issue is a different issue from CVE-2025-0244. This vulnerability affects Firefox < 134.
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
firefox | sisyphus | 134.0-alt1 | 134.0.2-alt1 | ALT-PU-2025-1063-2 | 368493 | Fixed |
firefox | sisyphus_riscv64 | 134.0-alt0.port | 134.0.1-alt0.port | ALT-PU-2025-1265-1 | - | Fixed |
firefox | sisyphus_loongarch64 | 134.0-alt0.port | 134.0.1-alt0.port | ALT-PU-2025-1271-1 | - | Fixed |
firefox | p11 | 134.0.2-alt1 | 133.0.0-alt1 | ALT-PU-2025-1984-1 | 371739 | Testing |