CVE-2025-14744

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-14744

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14744.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-14744

Downstream

UBUNTU-CVE-2025-14744

Published

2025-12-18T15:15:52.500Z

Modified

2026-03-12T17:36:53.430758Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS < 144.0.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "144.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14744.json"