CVE-2022-4692
published 2022-12-23CVE-2022-4692: Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
PriorityP424medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
0.56%
42.6th percentile
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | usememos_memos | >= 0 < 0.9.0 | 0.9.0 |
| msrc | microsoft_edge | — | — |
| msrc | microsoft_edge_for_android | — | — |
| usememos | memos | < 0.9.0 | 0.9.0 |
| usememos | usememos_memos | >= unspecified < 0.9.0 | 0.9.0 |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv3.07.1HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
vendor_msrc9.6CRITICAL
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos
osv·2024-08-21
CVE-2022-4692 usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos
usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos
usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos
GHSA
usememos/memos vulnerable to stored Cross-site Scripting
ghsa·2022-12-23
CVE-2022-4692 [MEDIUM] CWE-79 usememos/memos vulnerable to stored Cross-site Scripting
usememos/memos vulnerable to stored Cross-site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
OSV
usememos/memos vulnerable to stored Cross-site Scripting
osv·2022-12-23
CVE-2022-4692 [MEDIUM] usememos/memos vulnerable to stored Cross-site Scripting
usememos/memos vulnerable to stored Cross-site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
Microsoft
Chromium: CVE-2022-0100 Heap buffer overflow in Media streams API
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0100 [HIGH] Chromium: CVE-2022-0100 Heap buffer overflow in Media streams API
Chromium: CVE-2022-0100 Heap buffer overflow in Media streams API
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the br
Microsoft
Chromium: CVE-2022-0297 Use after free in Vulkan
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0297 [HIGH] Chromium: CVE-2022-0297 Use after free in Vulkan
Chromium: CVE-2022-0297 Use after free in Vulkan
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0101 Heap buffer overflow in Bookmarks
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0101 [HIGH] Chromium: CVE-2022-0101 Heap buffer overflow in Bookmarks
Chromium: CVE-2022-0101 Heap buffer overflow in Bookmarks
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-0304 Use after free in Bookmarks
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0304 [HIGH] Chromium: CVE-2022-0304 Use after free in Bookmarks
Chromium: CVE-2022-0304 Use after free in Bookmarks
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In yo
Microsoft
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
vendor_msrc·2022-01-11·CVSS 4.2
CVE-2022-21930 [MEDIUM] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based)
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
Microsoft
Chromium: CVE-2022-0293 Use after free in Web packaging
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0293 [HIGH] Chromium: CVE-2022-0293 Use after free in Web packaging
Chromium: CVE-2022-0293 Use after free in Web packaging
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Chromium: CVE-2022-0290 Use after free in Site isolation
vendor_msrc·2022-01-11·CVSS 9.6
CVE-2022-0290 [CRITICAL] Chromium: CVE-2022-0290 Use after free in Site isolation
Chromium: CVE-2022-0290 Use after free in Site isolation
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-0105 Use after free in PDF
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0105 [HIGH] Chromium: CVE-2022-0105 Use after free in PDF
Chromium: CVE-2022-0105 Use after free in PDF
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Micr
Microsoft
Chromium: CVE-2022-0107 Use after free in File Manager API
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0107 [HIGH] Chromium: CVE-2022-0107 Use after free in File Manager API
Chromium: CVE-2022-0107 Use after free in File Manager API
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-0098 Use after free in Screen Capture
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0098 [HIGH] Chromium: CVE-2022-0098 Use after free in Screen Capture
Chromium: CVE-2022-0098 Use after free in Screen Capture
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
vendor_msrc·2022-01-11·CVSS 6.1
CVE-2022-21970 [MEDIUM] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based)
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
Microsoft
Chromium: CVE-2022-0113 Inappropriate implementation in Blink
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0113 [MEDIUM] Chromium: CVE-2022-0113 Inappropriate implementation in Blink
Chromium: CVE-2022-0113 Inappropriate implementation in Blink
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browse
Microsoft
Chromium: CVE-2022-0292 Inappropriate implementation in Fenced Frames
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0292 [MEDIUM] Chromium: CVE-2022-0292 Inappropriate implementation in Fenced Frames
Chromium: CVE-2022-0292 Inappropriate implementation in Fenced Frames
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of t
Microsoft
Chromium: CVE-2022-0294 Inappropriate implementation in Push messaging
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0294 [MEDIUM] Chromium: CVE-2022-0294 Inappropriate implementation in Push messaging
Chromium: CVE-2022-0294 Inappropriate implementation in Push messaging
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of
Microsoft
Chromium: CVE-2022-0108 Inappropriate implementation in Navigation
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0108 [MEDIUM] Chromium: CVE-2022-0108 Inappropriate implementation in Navigation
Chromium: CVE-2022-0108 Inappropriate implementation in Navigation
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the b
Microsoft
Chromium: CVE-2022-0307 Use after free in Optimization Guide
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0307 [HIGH] Chromium: CVE-2022-0307 Use after free in Optimization Guide
Chromium: CVE-2022-0307 Use after free in Optimization Guide
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browse
Microsoft
Chromium: CVE-2022-0102 Type Confusion in V8
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0102 [HIGH] Chromium: CVE-2022-0102 Type Confusion in V8
Chromium: CVE-2022-0102 Type Confusion in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Micro
Microsoft
Chromium: CVE-2022-0302 Use after free in Omnibox
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0302 [HIGH] Chromium: CVE-2022-0302 Use after free in Omnibox
Chromium: CVE-2022-0302 Use after free in Omnibox
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0118 Inappropriate implementation in WebShare
vendor_msrc·2022-01-11·CVSS 4.3
CVE-2022-0118 [MEDIUM] Chromium: CVE-2022-0118 Inappropriate implementation in WebShare
Chromium: CVE-2022-0118 Inappropriate implementation in WebShare
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the bro
Microsoft
Chromium: CVE-2022-0308 Use after free in Data Transfer
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0308 [HIGH] Chromium: CVE-2022-0308 Use after free in Data Transfer
Chromium: CVE-2022-0308 Use after free in Data Transfer
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
vendor_msrc·2022-01-11·CVSS 2.5
CVE-2022-21929 [LOW] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based)
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
Microsoft
Chromium: CVE-2022-0106 Use after free in Autofill
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0106 [HIGH] Chromium: CVE-2022-0106 Use after free in Autofill
Chromium: CVE-2022-0106 Use after free in Autofill
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0301 Heap buffer overflow in DevTools
vendor_msrc·2022-01-11·CVSS 7.8
CVE-2022-0301 [HIGH] Chromium: CVE-2022-0301 Heap buffer overflow in DevTools
Chromium: CVE-2022-0301 Heap buffer overflow in DevTools
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-0291 Inappropriate implementation in Storage
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0291 [MEDIUM] Chromium: CVE-2022-0291 Inappropriate implementation in Storage
Chromium: CVE-2022-0291 Inappropriate implementation in Storage
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the bro
Microsoft
Chromium: CVE-2022-0112 Incorrect security UI in Browser UI
vendor_msrc·2022-01-11·CVSS 4.3
CVE-2022-0112 [MEDIUM] Chromium: CVE-2022-0112 Incorrect security UI in Browser UI
Chromium: CVE-2022-0112 Incorrect security UI in Browser UI
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-0298 Use after free in Scheduling
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0298 [HIGH] Chromium: CVE-2022-0298 Use after free in Scheduling
Chromium: CVE-2022-0298 Use after free in Scheduling
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0115 Uninitialized Use in File API
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0115 [HIGH] Chromium: CVE-2022-0115 Uninitialized Use in File API
Chromium: CVE-2022-0115 Uninitialized Use in File API
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0104 Heap buffer overflow in ANGLE
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0104 [HIGH] Chromium: CVE-2022-0104 Heap buffer overflow in ANGLE
Chromium: CVE-2022-0104 Heap buffer overflow in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0097 Inappropriate implementation in DevTools
vendor_msrc·2022-01-11·CVSS 9.6
CVE-2022-0097 [CRITICAL] Chromium: CVE-2022-0097 Inappropriate implementation in DevTools
Chromium: CVE-2022-0097 Inappropriate implementation in DevTools
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the bro
Microsoft
Chromium: CVE-2022-0096 Use after free in Storage
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0096 [HIGH] Chromium: CVE-2022-0096 Use after free in Storage
Chromium: CVE-2022-0096 Use after free in Storage
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Microsoft Edge for Android Spoofing Vulnerability
vendor_msrc·2022-01-11·CVSS 4.3
CVE-2022-23258 [MEDIUM] Microsoft Edge for Android Spoofing Vulnerability
Microsoft Edge for Android Spoofing Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based)
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Spoofing
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
Microsoft
Chromium: CVE-2022-0109 Inappropriate implementation in Autofill
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0109 [MEDIUM] Chromium: CVE-2022-0109 Inappropriate implementation in Autofill
Chromium: CVE-2022-0109 Inappropriate implementation in Autofill
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the bro
Microsoft
Chromium: CVE-2022-0099 Use after free in Sign-in
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0099 [HIGH] Chromium: CVE-2022-0099 Use after free in Sign-in
Chromium: CVE-2022-0099 Use after free in Sign-in
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0306 Heap buffer overflow in PDFium
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0306 [HIGH] Chromium: CVE-2022-0306 Heap buffer overflow in PDFium
Chromium: CVE-2022-0306 Heap buffer overflow in PDFium
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
Microsoft
Chromium: CVE-2022-0111 Inappropriate implementation in Navigation
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0111 [MEDIUM] Chromium: CVE-2022-0111 Inappropriate implementation in Navigation
Chromium: CVE-2022-0111 Inappropriate implementation in Navigation
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the b
Microsoft
Chromium: CVE-2022-0311 Heap buffer overflow in Task Manager
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0311 [HIGH] Chromium: CVE-2022-0311 Heap buffer overflow in Task Manager
Chromium: CVE-2022-0311 Heap buffer overflow in Task Manager
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browse
Microsoft
Chromium: CVE-2022-0117 Policy bypass in Service Workers
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0117 [MEDIUM] Chromium: CVE-2022-0117 Policy bypass in Service Workers
Chromium: CVE-2022-0117 Policy bypass in Service Workers
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Chromium: CVE-2022-0110 Incorrect security UI in Autofill
vendor_msrc·2022-01-11·CVSS 4.3
CVE-2022-0110 [MEDIUM] Chromium: CVE-2022-0110 Incorrect security UI in Autofill
Chromium: CVE-2022-0110 Incorrect security UI in Autofill
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
vendor_msrc·2022-01-11·CVSS 6.1
CVE-2022-21954 [MEDIUM] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based)
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
Microsoft
Chromium: CVE-2022-0120 Inappropriate implementation in Passwords
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0120 [MEDIUM] Chromium: CVE-2022-0120 Inappropriate implementation in Passwords
Chromium: CVE-2022-0120 Inappropriate implementation in Passwords
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the br
Microsoft
Chromium: CVE-2022-0116 Inappropriate implementation in Compositing
vendor_msrc·2022-01-11·CVSS 4.3
CVE-2022-0116 [MEDIUM] Chromium: CVE-2022-0116 Inappropriate implementation in Compositing
Chromium: CVE-2022-0116 Inappropriate implementation in Compositing
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.55
1/6/2022
97.0.4692.71
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the
Microsoft
Chromium: CVE-2022-0310 Heap buffer overflow in Task Manager
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0310 [HIGH] Chromium: CVE-2022-0310 Heap buffer overflow in Task Manager
Chromium: CVE-2022-0310 Heap buffer overflow in Task Manager
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browse
Microsoft
Chromium: CVE-2022-0300 Use after free in Text Input Method Editor
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0300 [HIGH] Chromium: CVE-2022-0300 Use after free in Text Input Method Editor
Chromium: CVE-2022-0300 Use after free in Text Input Method Editor
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the
Microsoft
Chromium: CVE-2022-0309 Inappropriate implementation in Autofill
vendor_msrc·2022-01-11·CVSS 6.5
CVE-2022-0309 [MEDIUM] Chromium: CVE-2022-0309 Inappropriate implementation in Autofill
Chromium: CVE-2022-0309 Inappropriate implementation in Autofill
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the br
Microsoft
Chromium: CVE-2022-0295 Use after free in Omnibox
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0295 [HIGH] Chromium: CVE-2022-0295 Use after free in Omnibox
Chromium: CVE-2022-0295 Use after free in Omnibox
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0289 Use after free in Safe browsing
vendor_msrc·2022-01-11·CVSS 8.8
CVE-2022-0289 [HIGH] Chromium: CVE-2022-0289 Use after free in Safe browsing
Chromium: CVE-2022-0289 Use after free in Safe browsing
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Chromium: CVE-2022-0303 Race in GPU Watchdog
vendor_msrc·2022-01-11
CVE-2022-0303 Chromium: CVE-2022-0303 Race in GPU Watchdog
Chromium: CVE-2022-0303 Race in GPU Watchdog
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
97.0.1072.69
1/20/2022
97.0.4692.99
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Micr
Red Hat
chromium-browser: Inappropriate implementation in Navigation
vendor_redhat·2022-01-04·CVSS 6.5
CVE-2022-0108 [MEDIUM] chromium-browser: Inappropriate implementation in Navigation
chromium-browser: Inappropriate implementation in Navigation
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-23
Published