CVE-2025-55028

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-55028
Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1850240 Issue Tracking Permissions Required
https://www.mozilla.org/security/advisories/mfsa2025-68/ Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*
History

13 Apr 2026, 15:17

Type Values Removed Values Added
Summary (en) Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS < 142. (en) Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.

21 Aug 2025, 18:39

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*
First Time Mozilla firefox
Mozilla
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1850240 - () https://bugzilla.mozilla.org/show_bug.cgi?id=1850240 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2025-68/ - () https://www.mozilla.org/security/advisories/mfsa2025-68/ - Vendor Advisory

20 Aug 2025, 16:15

Type Values Removed Values Added
CWE CWE-400
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5

20 Aug 2025, 14:40

Type Values Removed Values Added
Summary
  • (es) Los scripts maliciosos que utilizan alertas JavaScript repetitivas podrían impedir la interacción del usuario del cliente en algunos escenarios y permitir ataques de denegación de servicio. Esta vulnerabilidad afecta a Firefox para iOS &lt; 142.

19 Aug 2025, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-19 21:15

Updated : 2026-04-13 15:17

NVD link : CVE-2025-55028

Mitre link : CVE-2025-55028

CVE.ORG link : CVE-2025-55028

JSON object : View

Products Affected

mozilla

  • firefox
CWE
CWE-400

Uncontrolled Resource Consumption