FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- URL spoofing attack

Affected packages
firefox < 137.0,2
firefox-esr < 128.9
librewolf < 137.0
thunderbird < 137.0

Details

VuXML ID 2c0180a5-13c8-11f0-a5bd-b42e991fc52e
Discovery 2025-04-01
Entry 2025-04-07

security@mozilla.org reports:

A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack.

[source]

References

CVE Name CVE-2025-3029
URL https://nvd.nist.gov/vuln/detail/CVE-2025-3029

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.