CVE-2025-23109
published 2025-01-11CVE-2025-23109: Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address. This vulnerability was fixed in Firefox for…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address. This vulnerability was fixed in Firefox for iOS 134.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| mozilla | firefox | < 134.0 | 134.0 |
| mozilla | firefox | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
osv6.5MEDIUM
OSV
CVE-2025-23109: Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox fo
osv·2025-01-13·CVSS 6.5
CVE-2025-23109 [MEDIUM] CVE-2025-23109: Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox fo
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox for iOS < 134.
GHSA
GHSA-6xcc-hv2v-v4r3: Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox fo
ghsa_unreviewed·2025-01-11
CVE-2025-23109 [MEDIUM] CWE-346 GHSA-6xcc-hv2v-v4r3: Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox fo
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox for iOS < 134.
Debian
CVE-2025-23109: firefox - Long hostnames in URLs could be leveraged to obscure the actual host of the webs...
vendor_debian·2025·CVSS 6.5
CVE-2025-23109 [MEDIUM] CVE-2025-23109: firefox - Long hostnames in URLs could be leveraged to obscure the actual host of the webs...
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox for iOS < 134.
Scope: local
sid: resolved
Mozilla
Mozilla Foundation Security Advisory 2025-06: CVE-2025-23109
vendor_mozilla·CVSS 6.5
CVE-2025-23109 [MEDIUM] Mozilla Foundation Security Advisory 2025-06: CVE-2025-23109
Mozilla Foundation Security Advisory 2025-06
CVE: CVE-2025-23109
Product: Firefox for iOS
Impact: moderate
Fixed in: Firefox for iOS 134
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-01-11
Published