CVE-2025-3029

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-3029

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-3029.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-3029

Downstream

DEBIAN-CVE-2025-3029

DLA-4109-1

DLA-4110-1

DSA-5889-1

DSA-5891-1

OESA-2025-1418

OESA-2025-1419

OESA-2025-1420

OESA-2025-1421

OESA-2025-1835

RHSA-2025:3556

RHSA-2025:3581

RHSA-2025:3582

RHSA-2025:3587

RHSA-2025:3589

RHSA-2025:3590

RHSA-2025:3620

RHSA-2025:3621

RHSA-2025:3623

RHSA-2025:3628

RHSA-2025:4026

RHSA-2025:4027

RHSA-2025:4028

RHSA-2025:4029

RHSA-2025:4030

RHSA-2025:4031

RHSA-2025:4032

RHSA-2025:4169

RHSA-2025:4170

RHSA-2025:7491

RHSA-2025:7493

RLSA-2025:3582

RLSA-2025:4170

SUSE-SU-2025:1103-1

SUSE-SU-2025:1138-1

SUSE-SU-2025:1157-1

UBUNTU-CVE-2025-3029

USN-7663-1

openSUSE-SU-2025:14961-1

openSUSE-SU-2025:14966-1

openSUSE-SU-2025:14971-1

Related

Withdrawn

2026-01-27T04:20:11.196884Z

Published

2025-04-01T13:15:41Z

Modified

2026-01-27T04:20:11.196884Z

Summary

[none]

Details

A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

References

Affected packages