CVE-2018-0892Sensitive Information Exposure in Microsoft Edge

CWE-200Sensitive Information Exposure9 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
12.8%
top 5.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Edge
Timeline
PublishedApr 12
Latest updateMay 14

Description

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0998.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

CVEListV5microsoft/microsoft_edge9 versions+8

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

4
GHSA
GHSA-j4p9-7455-7q9j: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vu2022-05-14
GHSA
GHSA-rpc6-p2hj-p63g: An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Di2022-05-13
CVEList
CVE-2018-0892: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vu2018-04-12
CVEList
CVE-2018-0998: An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Di2018-04-12

📋Vendor Advisories

1
Microsoft
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability2018-04-10

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - April 20182018-04-10
Talos
Microsoft Patch Tuesday - April 20182018-04-10
CVE-2018-0892 — Sensitive Information Exposure | cvebase