CVE-2018-8112Origin Validation Error in Microsoft Edge

CWE-346Origin Validation Error12 documents7 sources
Severity
4.3MEDIUMNVD
OSV7.5
EPSS
2.2%
top 15.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
THE Openjpeg Project Openjpeg2Microsoft Edge
Timeline
PublishedMay 9
Latest updateMay 13

Description

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5microsoft/microsoft_edge11 versions+10
Ubuntuthe_openjpeg_project/openjpeg2< 2.1.2-1.1+deb9u5build0.16.04.1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

3
GHSA
GHSA-42mr-84r3-cv5m: A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feat2022-05-13
OSV
OpenJPEG vulnerabilities2020-09-15
CVEList
CVE-2018-8112: A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feat2018-05-09

📋Vendor Advisories

1
Microsoft
Microsoft Edge Security Feature Bypass Vulnerability2018-05-08

🕵️Threat Intelligence

7
Trendmicro
Microsoft’s May Patch Tuesday Fixes Exploited Bugs2018-05-09
Trendmicro
Microsoft’s May Patch Tuesday Fixes Exploited Bugs2018-05-09
Trendmicro
Microsoft’s May Patch Tuesday Fixes Exploited Bugs2018-05-09
Trendmicro
Microsoft’s May Patch Tuesday Fixes Exploited Bugs2018-05-09
Trendmicro
Microsoft’s May Patch Tuesday Fixes Exploited Bugs2018-05-09
CVE-2018-8112 — Origin Validation Error in Microsoft | cvebase