Msrc Microsoft Edge vulnerabilities

CVE-2025-0441 [MEDIUM] Chromium: CVE-2025-0441 Inappropriate implementation in Fenced Frames Chromium: CVE-2025-0441 Inappropriate implementation in Fenced Frames Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS)

CVE-2025-0439 [MEDIUM] Chromium: CVE-2025-0439 Race in Frames Chromium: CVE-2025-0439 Race in Frames Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is b

CVE-2025-0442 [MEDIUM] Chromium: CVE-2025-0442 Inappropriate implementation in Payments Chromium: CVE-2025-0442 Inappropriate implementation in Payments Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is

CVE-2025-21262 [MEDIUM] CWE-451 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability Description: User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of avai

CVE-2025-0446 [MEDIUM] Chromium: CVE-2025-0446 Inappropriate implementation in Extensions Chromium: CVE-2025-0446 Inappropriate implementation in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which

CVE-2025-21185 [MEDIUM] CWE-284 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could achieve elevation of privilege and gain the ability to read the API component. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interactio

CVE-2024-12382 [HIGH] Chromium: CVE-2024-12382 Use after free in Translate Chromium: CVE-2024-12382 Use after free in Translate Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edg

CVE-2024-12692 [HIGH] Chromium: CVE-2024-12692 Type Confusion in V8 Chromium: CVE-2024-12692 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 131.0.2903.112 12/19/2024 131.0.6778.205 FAQ: Why is this Chrome CVE inc

CVE-2024-12694 [HIGH] Chromium: CVE-2024-12694 Use after free in Compositing Chromium: CVE-2024-12694 Use after free in Compositing Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 131.0.2903.112 12/19/2024 131.0.6778.205 FAQ: Why is t

CVE-2024-12693 [HIGH] Chromium: CVE-2024-12693 Out of bounds memory access in V8 Chromium: CVE-2024-12693 Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 131.0.2903.112 12/19/2024 131.0.6778.205 FAQ:

CVE-2024-12053 [HIGH] Chromium: CVE-2024-12053 Type Confusion in V8 Chromium: CVE-2024-12053 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 131.0.2903.86 12/05/2024 131.0.6778.108/.109 FAQ: Why is this Chrome CVE

CVE-2024-12381 [HIGH] Chromium: CVE-2024-12381 Type Confusion in V8 Chromium: CVE-2024-12381 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-ba

CVE-2024-12695 [HIGH] Chromium: CVE-2024-12695 Out of bounds write in V8 Chromium: CVE-2024-12695 Out of bounds write in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 131.0.2903.112 12/19/2024 131.0.6778.205 FAQ: Why is this Chro

CVE-2024-49041 [MEDIUM] CWE-449 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for

CVE-2024-11113 [HIGH] Chromium: CVE-2024-11113 Use after free in Accessibility Chromium: CVE-2024-11113 Use after free in Accessibility Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micro

CVE-2024-11114 [HIGH] Chromium: CVE-2024-11114 Inappropriate implementation in Views Chromium: CVE-2024-11114 Inappropriate implementation in Views Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consu

CVE-2024-11112 [HIGH] Chromium: CVE-2024-11112 Use after free in Media Chromium: CVE-2024-11112 Use after free in Media Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chrom

CVE-2024-10826 [HIGH] Chromium: CVE-2024-10826 Use after free in Family Experiences Chromium: CVE-2024-10826 Use after free in Family Experiences Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.80 11/07/2024 130.0.6723.117

CVE-2024-10827 [HIGH] Chromium: CVE-2024-10827 Use after free in Serial Chromium: CVE-2024-10827 Use after free in Serial Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.80 11/07/2024 130.0.6723.117 FAQ: Why is this Chrome

CVE-2024-11115 [HIGH] Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS