Vulnerability Details CVE-2025-54143
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.4%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-54143
-
cpe:2.3:a:mozilla:firefox:-
-
cpe:2.3:a:mozilla:firefox:102.0
-
cpe:2.3:a:mozilla:firefox:119.0
-
cpe:2.3:a:mozilla:firefox:120.0
-
cpe:2.3:a:mozilla:firefox:127.0
-
cpe:2.3:a:mozilla:firefox:129
-
cpe:2.3:a:mozilla:firefox:14.0
-
cpe:2.3:a:mozilla:firefox:15.0
-
cpe:2.3:a:mozilla:firefox:15.1
-
cpe:2.3:a:mozilla:firefox:16.0
-
cpe:2.3:a:mozilla:firefox:16.1
-
cpe:2.3:a:mozilla:firefox:16.2
-
cpe:2.3:a:mozilla:firefox:17.0
-
cpe:2.3:a:mozilla:firefox:17.1
-
cpe:2.3:a:mozilla:firefox:17.2
-
cpe:2.3:a:mozilla:firefox:17.3
-
cpe:2.3:a:mozilla:firefox:18.0
-
cpe:2.3:a:mozilla:firefox:18.1
-
cpe:2.3:a:mozilla:firefox:18.2
-
cpe:2.3:a:mozilla:firefox:19.0
-
cpe:2.3:a:mozilla:firefox:19.1
-
cpe:2.3:a:mozilla:firefox:20.0
-
cpe:2.3:a:mozilla:firefox:20.1
-
cpe:2.3:a:mozilla:firefox:20.2
-
cpe:2.3:a:mozilla:firefox:21.0
-
cpe:2.3:a:mozilla:firefox:22.0
-
cpe:2.3:a:mozilla:firefox:23.0
-
cpe:2.3:a:mozilla:firefox:24.0
-
cpe:2.3:a:mozilla:firefox:24.1
-
cpe:2.3:a:mozilla:firefox:25.0
-
cpe:2.3:a:mozilla:firefox:25.1
-
cpe:2.3:a:mozilla:firefox:26.0
-
cpe:2.3:a:mozilla:firefox:27.0
-
cpe:2.3:a:mozilla:firefox:28.0