CVE-2025-14327

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-14327

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14327.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-14327

Downstream

DEBIAN-CVE-2025-14327

DLA-4439-1

DLA-4442-1

DSA-6101-1

DSA-6103-1

OESA-2026-1085

OESA-2026-1086

OESA-2026-1087

OESA-2026-1088

OESA-2026-1089

OESA-2026-1090

OESA-2026-1264

OESA-2026-1285

RHSA-2026:0667

RHSA-2026:0694

RHSA-2026:0924

RHSA-2026:1320

RHSA-2026:1413

RHSA-2026:1414

RHSA-2026:1415

RHSA-2026:1461

RHSA-2026:1462

RHSA-2026:1471

RHSA-2026:1487

RHSA-2026:2041

RHSA-2026:2043

RHSA-2026:2044

RHSA-2026:2047

RHSA-2026:2069

RHSA-2026:2070

RHSA-2026:2073

RHSA-2026:2074

RHSA-2026:2220

RHSA-2026:2231

RHSA-2026:2271

RHSA-2026:2286

RLSA-2026:0667

RLSA-2026:0694

RLSA-2026:0924

RLSA-2026:2220

UBUNTU-CVE-2025-14327

USN-7991-1

Related

Published

2025-12-09T16:17:40.227Z

Modified

2026-03-15T22:50:18.750307Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, Firefox ESR < 140.7, and Thunderbird < 140.7.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "146.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "146.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14327.json"