Msrc Microsoft Edge vulnerabilities

CVE-2024-8906 [HIGH] Chromium: CVE-2024-8906 Incorrect security UI in Downloads Chromium: CVE-2024-8906 Incorrect security UI in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mi

CVE-2024-8636 [HIGH] Chromium: CVE-2024-8636 Heap buffer overflow in Skia Chromium: CVE-2024-8636 Heap buffer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2024-8198 [HIGH] Chromium: CVE-2024-8198 Heap buffer overflow in Skia Chromium: CVE-2024-8198 Heap buffer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2024-8907 [HIGH] Chromium: CVE-2024-8907 Insufficient data validation in Omnibox Chromium: CVE-2024-8907 Insufficient data validation in Omnibox Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is cons

CVE-2024-8908 [HIGH] Chromium: CVE-2024-8908 Inappropriate implementation in Autofill Chromium: CVE-2024-8908 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2024-8909 [HIGH] Chromium: CVE-2024-8909 Inappropriate implementation in UI Chromium: CVE-2024-8909 Inappropriate implementation in UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mi

CVE-2024-9122 [HIGH] Chromium: CVE-2024-9122 Type Confusion in V8 Chromium: CVE-2024-9122 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 129.0.2792.65 129.0.6668.70/.71 9/26/2024 Ext

CVE-2024-8905 [HIGH] Chromium: CVE-2024-8905 Inappropriate implementation in V8 Chromium: CVE-2024-8905 Inappropriate implementation in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mi

CVE-2024-8904 [HIGH] Chromium: CVE-2024-8904 Type Confusion in V8 Chromium: CVE-2024-8904 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2024-8639 [HIGH] Chromium: CVE-2024-8639 Use after free in Autofill Chromium: CVE-2024-8639 Use after free in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2024-8362 [HIGH] Chromium: CVE-2024-8362 Use after free in WebAudio Chromium: CVE-2024-8362 Use after free in WebAudio Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2024-8637 [HIGH] Chromium: CVE-2024-8637 Use after free in Media Router Chromium: CVE-2024-8637 Use after free in Media Router Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft

CVE-2024-9120 [HIGH] Chromium: CVE-2024-9120 Use after free in Dawn Chromium: CVE-2024-9120 Use after free in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 129.0.2792.65 129.0.6668.70/.71 9/26/2024

CVE-2024-9123 [HIGH] Chromium: CVE-2024-9123 Integer overflow in Skia Chromium: CVE-2024-9123 Integer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 129.0.2792.65 129.0.6668.70/.71 9/26/20

CVE-2024-8194 [HIGH] Chromium: CVE-2024-8194 Type Confusion in V8 Chromium: CVE-2024-8194 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2024-8638 [HIGH] Chromium: CVE-2024-8638 Type Confusion in V8 Chromium: CVE-2024-8638 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2024-9121 [HIGH] Chromium: CVE-2024-9121 Inappropriate implementation in V8 Chromium: CVE-2024-9121 Inappropriate implementation in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 129.0.2792.65 129.0

CVE-2024-38222 [MEDIUM] CWE-276 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 128.0.2739.42 128.0.6613.84/.85 8/22/2024 FAQ: Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal? Per our severity guidelines, the a

CVE-2024-43496 [MEDIUM] CWE-787 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the

CVE-2024-38221 [MEDIUM] CWE-79 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What does that mean for this vulnerability? Successful exploitation requires the victim to perform multiple steps to trigger the vulnerability. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to cl