Msrc Microsoft Edge vulnerabilities

CVE-2024-11395 [HIGH] Chromium: CVE-2024-11395 Type Confusion in V8 Chromium: CVE-2024-11395 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-ba

CVE-2024-49025 [MEDIUM] CWE-359 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Personally Identifiable Information (PII). FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss

CVE-2024-11117 [MEDIUM] Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) wh

CVE-2024-49054 [MEDIUM] CWE-357 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 131.0.2903.63 11/21/2024 131.0.6778.85/.86 FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), some loss of integrity (I:L) but have no effect on availabil

CVE-2024-11116 [MEDIUM] Chromium: CVE-2024-11116 Inappropriate implementation in Paint Chromium: CVE-2024-11116 Inappropriate implementation in Paint Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is con

CVE-2024-11110 [MEDIUM] Chromium: CVE-2024-11110 Inappropriate implementation in Blink Chromium: CVE-2024-11110 Inappropriate implementation in Blink Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is con

CVE-2024-11111 [MEDIUM] Chromium: CVE-2024-11111 Inappropriate implementation in Autofill Chromium: CVE-2024-11111 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which

CVE-2024-9369 [CRITICAL] Chromium: CVE-2024-9369 Insufficient data validation in Mojo Chromium: CVE-2024-9369 Insufficient data validation in Mojo Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consum

CVE-2024-43578 [HIGH] CWE-122 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ: How could an attacker exploit this vulnerability via the Network? An attacker could host a specially crafted website designed to exploit the vulnerability through Mi

CVE-2024-10488 [HIGH] Chromium: CVE-2024-10488 Use after free in WebRTC Chromium: CVE-2024-10488 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.68 10/31/2024 130.0.6723.91/.92 FAQ: Why is this Chro

CVE-2024-9960 [HIGH] Chromium: CVE-2024-9960 Use after free in Dawn Chromium: CVE-2024-9960 Use after free in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ: Why is this Chrome CVE incl

CVE-2024-10487 [HIGH] Chromium: CVE-2024-10487: Out of bounds write in Dawn Chromium: CVE-2024-10487: Out of bounds write in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.68 10/31/2024 130.0.6723.91/.92 FAQ: Why is t

CVE-2024-9603 [HIGH] Chromium: CVE-2024-9603 Type Confusion in V8 Chromium: CVE-2024-9603 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 129.0.2792.89 10/10/2024 129.0.6668.100/.101 FAQ: Why is this Chrome CVE in

CVE-2024-9959 [HIGH] Chromium: CVE-2024-9959 Use after free in DevTools Chromium: CVE-2024-9959 Use after free in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ: Why is this Chrome

CVE-2024-9954 [HIGH] Chromium: CVE-2024-9954 Use after free in AI Chromium: CVE-2024-9954 Use after free in AI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ: Why is this Chrome CVE included

CVE-2024-9961 [HIGH] Chromium: CVE-2024-9961 Use after free in Parcel Tracking Chromium: CVE-2024-9961 Use after free in Parcel Tracking Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ: Why i

CVE-2024-9956 [HIGH] Chromium: CVE-2024-9956 Inappropriate implementation in Web Authentication Chromium: CVE-2024-9956 Inappropriate implementation in Web Authentication Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/

CVE-2024-9957 [HIGH] Chromium: CVE-2024-9957 Use after free in UI Chromium: CVE-2024-9957 Use after free in UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ: Why is this Chrome CVE included

CVE-2024-9955 [HIGH] Chromium: CVE-2024-9955 Use after free in Web Authentication Chromium: CVE-2024-9955 Use after free in Web Authentication Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 130.0.2849.46 10/17/2024 130.0.6723.59 FAQ:

CVE-2024-7025 [HIGH] Chromium: CVE-2024-7025 Integer overflow in Layout Chromium: CVE-2024-7025 Integer overflow in Layout Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch