CVE-2022-4844
published 2022-12-29CVE-2022-4844: Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
PriorityP336high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
0.31%
22.4th percentile
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | usememos_memos | 0 – 0.9.0 | — |
| msrc | microsoft_edge | — | — |
| msrc | microsoft_visual_studio_2022_version_17.0 | — | — |
| msrc | microsoft_visual_studio_2022_version_17.1 | — | — |
| usememos | memos | < 0.9.1 | 0.9.1 |
| usememos | usememos_memos | >= unspecified < 0.9.1 | 0.9.1 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
vendor_msrc9.6CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
usememos/memos Cross-Site Request Forgery vulnerability
ghsa·2022-12-29
CVE-2022-4844 [HIGH] CWE-352 usememos/memos Cross-Site Request Forgery vulnerability
usememos/memos Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos 0.9.0 and prior.
OSV
usememos/memos Cross-Site Request Forgery vulnerability
osv·2022-12-29
CVE-2022-4844 [HIGH] usememos/memos Cross-Site Request Forgery vulnerability
usememos/memos Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos 0.9.0 and prior.
Microsoft
Chromium: CVE-2022-0798 Use after free in MediaStream
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0798 [HIGH] Chromium: CVE-2022-0798 Use after free in MediaStream
Chromium: CVE-2022-0798 Use after free in MediaStream
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0797 Out of bounds memory access in Mojo
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0797 [HIGH] Chromium: CVE-2022-0797 Out of bounds memory access in Mojo
Chromium: CVE-2022-0797 Out of bounds memory access in Mojo
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-1096 Type Confusion in V8
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-1096 [HIGH] Chromium: CVE-2022-1096 Type Confusion in V8
Chromium: CVE-2022-1096 Type Confusion in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Google is aware that an exploit for CVE-2022-1096 exists in the wild.
FAQ: Why were Visual Studio 2022 version 17.0 and Visual Studio 2022 version 17.1 added to this Chrome CVE for Microsoft Edge?
These versions of Visual Studio 2022 use webview2 to render certain content, and this CVE addresses a vulnerability in that component.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.55
3/26/2022
99.0.4844.84
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The v
Microsoft
Chromium: CVE-2022-0979 Use after free in Safe Browsing
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0979 [HIGH] Chromium: CVE-2022-0979 Use after free in Safe Browsing
Chromium: CVE-2022-0979 Use after free in Safe Browsing
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Chromium: CVE-2022-0793 Use after free in Views
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0793 [HIGH] Chromium: CVE-2022-0793 Use after free in Views
Chromium: CVE-2022-0793 Use after free in Views
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Mi
Microsoft
Chromium: CVE-2022-0791 Use after free in Omnibox
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0791 [HIGH] Chromium: CVE-2022-0791 Use after free in Omnibox
Chromium: CVE-2022-0791 Use after free in Omnibox
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0790 Use after free in Cast UI
vendor_msrc·2022-03-08·CVSS 9.6
CVE-2022-0790 [CRITICAL] Chromium: CVE-2022-0790 Use after free in Cast UI
Chromium: CVE-2022-0790 Use after free in Cast UI
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0805 Use after free in Browser Switcher
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0805 [HIGH] Chromium: CVE-2022-0805 Use after free in Browser Switcher
Chromium: CVE-2022-0805 Use after free in Browser Switcher
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Chromium: CVE-2022-0794 Use after free in WebShare
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0794 [HIGH] Chromium: CVE-2022-0794 Use after free in WebShare
Chromium: CVE-2022-0794 Use after free in WebShare
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your
Microsoft
Chromium: CVE-2022-0978 Use after free in ANGLE
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0978 [HIGH] Chromium: CVE-2022-0978 Use after free in ANGLE
Chromium: CVE-2022-0978 Use after free in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your M
Microsoft
Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode
vendor_msrc·2022-03-08·CVSS 6.5
CVE-2022-0804 [MEDIUM] Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode
Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of
Microsoft
Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0799 [HIGH] Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer
Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the
Microsoft
Chromium: CVE-2022-0806 Data leak in Canvas
vendor_msrc·2022-03-08·CVSS 6.5
CVE-2022-0806 [MEDIUM] Chromium: CVE-2022-0806 Data leak in Canvas
Chromium: CVE-2022-0806 Data leak in Canvas
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Micros
Microsoft
Chromium: CVE-2022-0975 Use after free in ANGLE
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0975 [HIGH] Chromium: CVE-2022-0975 Use after free in ANGLE
Chromium: CVE-2022-0975 Use after free in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your M
Microsoft
Chromium: CVE-2022-0800 Heap buffer overflow in Cast UI
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0800 [HIGH] Chromium: CVE-2022-0800 Heap buffer overflow in Cast UI
Chromium: CVE-2022-0800 Heap buffer overflow in Cast UI
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
Microsoft
Chromium: CVE-2022-0973 Use after free in Safe Browsing
vendor_msrc·2022-03-08·CVSS 9.6
CVE-2022-0973 [CRITICAL] Chromium: CVE-2022-0973 Use after free in Safe Browsing
Chromium: CVE-2022-0973 Use after free in Safe Browsing
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
I
Microsoft
Chromium: CVE-2022-0789 Heap buffer overflow in ANGLE
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0789 [HIGH] Chromium: CVE-2022-0789 Heap buffer overflow in ANGLE
Chromium: CVE-2022-0789 Heap buffer overflow in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0980 Use after free in New Tab Page
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0980 [HIGH] Chromium: CVE-2022-0980 Use after free in New Tab Page
Chromium: CVE-2022-0980 Use after free in New Tab Page
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
Microsoft
Chromium: CVE-2022-0807 Inappropriate implementation in Autofill
vendor_msrc·2022-03-08·CVSS 6.5
CVE-2022-0807 [MEDIUM] Chromium: CVE-2022-0807 Inappropriate implementation in Autofill
Chromium: CVE-2022-0807 Inappropriate implementation in Autofill
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the bro
Microsoft
Chromium: CVE-2022-0792 Out of bounds read in ANGLE
vendor_msrc·2022-03-08·CVSS 6.5
CVE-2022-0792 [MEDIUM] Chromium: CVE-2022-0792 Out of bounds read in ANGLE
Chromium: CVE-2022-0792 Out of bounds read in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In you
Microsoft
Chromium: CVE-2022-0796 Use after free in Media
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0796 [HIGH] Chromium: CVE-2022-0796 Use after free in Media
Chromium: CVE-2022-0796 Use after free in Media
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Mi
Microsoft
Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode
vendor_msrc·2022-03-08·CVSS 6.5
CVE-2022-0802 [MEDIUM] Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode
Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of
Microsoft
Chromium: CVE-2022-0972 Use after free in Extensions
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0972 [HIGH] Chromium: CVE-2022-0972 Use after free in Extensions
Chromium: CVE-2022-0972 Use after free in Extensions
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0795 Type Confusion in Blink Layout
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0795 [HIGH] Chromium: CVE-2022-0795 Type Confusion in Blink Layout
Chromium: CVE-2022-0795 Type Confusion in Blink Layout
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
Microsoft
Chromium: CVE-2022-0977 Use after free in Browser UI
vendor_msrc·2022-03-08·CVSS 9.6
CVE-2022-0977 [CRITICAL] Chromium: CVE-2022-0977 Use after free in Browser UI
Chromium: CVE-2022-0977 Use after free in Browser UI
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In y
Microsoft
Chromium: CVE-2022-0976 Heap buffer overflow in GPU
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0976 [HIGH] Chromium: CVE-2022-0976 Heap buffer overflow in GPU
Chromium: CVE-2022-0976 Heap buffer overflow in GPU
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In yo
Microsoft
Chromium: CVE-2022-0809 Out of bounds memory access in WebXR
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0809 [HIGH] Chromium: CVE-2022-0809 Out of bounds memory access in WebXR
Chromium: CVE-2022-0809 Out of bounds memory access in WebXR
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser
Microsoft
Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser
vendor_msrc·2022-03-08·CVSS 6.1
CVE-2022-0801 [MEDIUM] Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser
Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the
Microsoft
Chromium: CVE-2022-0803 Inappropriate implementation in Permissions
vendor_msrc·2022-03-08·CVSS 6.5
CVE-2022-0803 [MEDIUM] Chromium: CVE-2022-0803 Inappropriate implementation in Permissions
Chromium: CVE-2022-0803 Inappropriate implementation in Permissions
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the
Microsoft
Chromium: CVE-2022-0808 Use after free in Chrome OS Shell
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0808 [HIGH] Chromium: CVE-2022-0808 Use after free in Chrome OS Shell
Chromium: CVE-2022-0808 Use after free in Chrome OS Shell
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.30
3/3/2022
99.0.4844.51
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
Microsoft
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
vendor_msrc·2022-03-08·CVSS 6.3
CVE-2022-26899 [MEDIUM] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?
While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.
Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based)
Microsoft: Microsoft
Customer Action Required: Y
Microsoft
Chromium: CVE-2022-0971 Use after free in Blink Layout
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0971 [HIGH] Chromium: CVE-2022-0971 Use after free in Blink Layout
Chromium: CVE-2022-0971 Use after free in Blink Layout
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
Microsoft
Chromium: CVE-2022-0974 Use after free in Splitscreen
vendor_msrc·2022-03-08·CVSS 8.8
CVE-2022-0974 [HIGH] Chromium: CVE-2022-0974 Use after free in Splitscreen
Chromium: CVE-2022-0974 Use after free in Splitscreen
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
99.0.1150.46
3/17/2022
99.0.4844.74
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In
No detection rules found.
No public exploits indexed.
2022-12-29
Published