CVE-2025-55028 — Uncontrolled Resource Consumption in Mozilla Firefox

CWE-400 — Uncontrolled Resource Consumption4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 78.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedAug 19

Description

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

â–¶NVDmozilla/firefox< 142.0

🔴Vulnerability Details

2
GHSA
GHSA-h3xr-99q8-227g: Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attac↗2025-08-19
â–¶
CVEList
JavaScript alerts could impede UI interaction or allow denial of service attacks↗2025-08-19
â–¶

📋Vendor Advisories

1
Mozilla
Mozilla Foundation Security Advisory 2025-68: CVE-2025-55028↗
â–¶
CVE-2025-55028 — Uncontrolled Resource Consumption | cvebase