Msrc Microsoft Edge vulnerabilities

CVE-2024-4558 [CRITICAL] Chromium: CVE-2024-4558 Use after free in ANGLE Chromium: CVE-2024-4558 Use after free in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chro

CVE-2024-5274 [CRITICAL] Chromium: CVE-2024-5274 Type Confusion in V8 Chromium: CVE-2024-5274 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2024-5274 exists in the wild. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 125.0.2535.67 5/23/2024

CVE-2024-4368 [HIGH] Chromium: CVE-2024-4368 Use after free in Dawn Chromium: CVE-2024-4368 Use after free in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-b

CVE-2024-4761 [HIGH] Chromium: CVE-2024-4761 Out of bounds write in V8 Chromium: CVE-2024-4761 Out of bounds write in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2024-4761 exists in the wild. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromiu

CVE-2024-30056 [HIGH] CWE-359 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality

CVE-2024-5160 [HIGH] Chromium: CVE-2024-5160 Heap buffer overflow in Dawn Chromium: CVE-2024-5160 Heap buffer overflow in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2024-5158 [HIGH] Chromium: CVE-2024-5158 Type Confusion in V8 Chromium: CVE-2024-5158 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2024-4331 [HIGH] Chromium: CVE-2024-4331 Use after free in Picture In Picture Chromium: CVE-2024-4331 Use after free in Picture In Picture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed b

CVE-2024-5159 [HIGH] Chromium: CVE-2024-5159 Heap buffer overflow in ANGLE Chromium: CVE-2024-5159 Heap buffer overflow in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Ed

CVE-2024-5157 [HIGH] Chromium: CVE-2024-5157 Use after free in Scheduling Chromium: CVE-2024-5157 Use after free in Scheduling Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2024-4949 [MEDIUM] Chromium: CVE-2024-4949 Use after free in V8 Chromium: CVE-2024-4949 Use after free in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221 FAQ: Why is this Chrome CVE included in the Security

CVE-2024-30055 [MEDIUM] CWE-451 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mea

CVE-2024-4559 [MEDIUM] Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micr

CVE-2024-4948 [MEDIUM] Chromium: CVE-2024-4948 Use after free in Dawn Chromium: CVE-2024-4948 Use after free in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221 FAQ: Why is this Chrome CVE included in the Secur

CVE-2024-4950 [MEDIUM] Chromium: CVE-2024-4950 Inappropriate implementation in Downloads Chromium: CVE-2024-4950 Inappropriate implementation in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221 FAQ: Why is

CVE-2024-3157 [CRITICAL] Chromium: CVE-2024-3157 Out of bounds write in Compositing Chromium: CVE-2024-3157 Out of bounds write in Compositing Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.97 4/12/2024 123.0.6312.122/.123 FAQ: Why is this Ch

CVE-2024-3840 [HIGH] Chromium: CVE-2024-3840 Insufficient policy enforcement in Site Isolation Chromium: CVE-2024-3840 Insufficient policy enforcement in Site Isolation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software

CVE-2024-3832 [HIGH] Chromium: CVE-2024-3832 Object corruption in V8 Chromium: CVE-2024-3832 Object corruption in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium

CVE-2024-3156 [HIGH] Chromium: CVE-2024-3156 Inappropriate implementation in V8 Chromium: CVE-2024-3156 Inappropriate implementation in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mi

CVE-2024-3833 [HIGH] Chromium: CVE-2024-3833 Object corruption in WebAssembly Chromium: CVE-2024-3833 Object corruption in WebAssembly Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micros