CVE-2025-55029: Vulnerability in Mozilla Firefox for iOS
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.
AI Analysis
Technical Summary
This vulnerability allows malicious scripts in Firefox for iOS to circumvent the popup blocker mechanism and open numerous new tabs, which can overwhelm the application and lead to denial of service. The issue affects Firefox for iOS and was addressed in version 142. The CVSS 3.1 vector indicates network attack vector, low attack complexity, no privileges or user interaction required, and impact on availability only. The vendor advisory explicitly states the vulnerability was fixed in Firefox for iOS 142.
Potential Impact
The primary impact is denial of service due to resource exhaustion from spamming new tabs. There is no confidentiality or integrity impact reported. The vulnerability could degrade user experience or render the browser unusable temporarily. No known exploits in the wild have been reported, reducing immediate risk.
Mitigation Recommendations
Users should update Firefox for iOS to version 142 or later, where this vulnerability has been fixed. Since the vendor advisory confirms an official fix, applying this update fully mitigates the issue. No additional mitigation steps are necessary.
CVE-2025-55029: Vulnerability in Mozilla Firefox for iOS
Description
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability allows malicious scripts in Firefox for iOS to circumvent the popup blocker mechanism and open numerous new tabs, which can overwhelm the application and lead to denial of service. The issue affects Firefox for iOS and was addressed in version 142. The CVSS 3.1 vector indicates network attack vector, low attack complexity, no privileges or user interaction required, and impact on availability only. The vendor advisory explicitly states the vulnerability was fixed in Firefox for iOS 142.
Potential Impact
The primary impact is denial of service due to resource exhaustion from spamming new tabs. There is no confidentiality or integrity impact reported. The vulnerability could degrade user experience or render the browser unusable temporarily. No known exploits in the wild have been reported, reducing immediate risk.
Mitigation Recommendations
Users should update Firefox for iOS to version 142 or later, where this vulnerability has been fixed. Since the vendor advisory confirms an official fix, applying this update fully mitigates the issue. No additional mitigation steps are necessary.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mozilla
- Date Reserved
- 2025-08-05T13:26:34.685Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 68a4e678ad5a09ad00fb5d8a
Added to database: 8/19/2025, 9:02:48 PM
Last enriched: 4/14/2026, 11:48:24 AM
Last updated: 5/10/2026, 2:52:26 AM
Views: 130
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.