Msrc Microsoft Edge vulnerabilities

CVE-2024-29986 [MEDIUM] CWE-359 Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. FAQ: Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal? Pe

CVE-2024-3846 [MEDIUM] Chromium: CVE-2024-3846 Inappropriate implementation in Prompts Chromium: CVE-2024-3846 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2024-3847 [MEDIUM] Chromium: CVE-2024-3847 Insufficient policy enforcement in WebUI Chromium: CVE-2024-3847 Insufficient policy enforcement in WebUI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is

CVE-2024-2625 [HIGH] Chromium: CVE-2024-2625 Object lifecycle issue in V8 Chromium: CVE-2024-2625 Object lifecycle issue in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why is this Chrome CVE included

CVE-2024-2883 [HIGH] Chromium: CVE-2024-2883 Use after free in ANGLE Chromium: CVE-2024-2883 Use after free in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.65 3/26/2024 123.0.6312.86/.87 Extended Stable 122.0.2365.113 3/26/2024 122.0.

CVE-2024-2885 [HIGH] Chromium: CVE-2024-2885 Use after free in Dawn Chromium: CVE-2024-2885 Use after free in Dawn Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.65 3/26/2024 123.0.6312.86/.87 Extended Stable 122.0.2365.113 3/26/2024 122.0.62

CVE-2024-2886 [HIGH] Chromium: CVE-2024-2886 Use after free in WebCodecs Chromium: CVE-2024-2886 Use after free in WebCodecs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.65 3/26/2024 123.0.6312.86/.87 Extended Stable 122.0.2365.113 3/26/202

CVE-2024-2173 [HIGH] Chromium: CVE-2024-2173 Out of bounds memory access in V8 Chromium: CVE-2024-2173 Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.80 3/7/2024 122.0.6261.111/.112 FAQ: Why is this Chrome CV

CVE-2024-2887 [HIGH] Chromium: CVE-2024-2887 Type Confusion in WebAssembly Chromium: CVE-2024-2887 Type Confusion in WebAssembly Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.65 3/26/2024 123.0.6312.86/.87 Extended Stable 122.0.2365.113 3/26

CVE-2024-2174 [HIGH] Chromium: CVE-2024-2174 Inappropriate implementation in V8 Chromium: CVE-2024-2174 Inappropriate implementation in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.80 3/7/2024 122.0.6261.111/.112 FAQ: Why is this Chrome

CVE-2024-2176 [HIGH] Chromium: CVE-2024-2176 Use after free in FedCM Chromium: CVE-2024-2176 Use after free in FedCM Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.80 3/7/2024 122.0.6261.111/.112 FAQ: Why is this Chrome CVE included in the Se

CVE-2024-2400 [HIGH] Chromium: CVE-2024-2400 Use after free in Performance Manager Chromium: CVE-2024-2400 Use after free in Performance Manager Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed

CVE-2024-2627 [HIGH] Chromium: CVE-2024-2627 Use after free in Canvas Chromium: CVE-2024-2627 Use after free in Canvas Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why is this Chrome CVE included in the S

CVE-2024-2628 [MEDIUM] Chromium: CVE-2024-2628 Inappropriate implementation in Downloads Chromium: CVE-2024-2628 Inappropriate implementation in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why

CVE-2024-2631 [MEDIUM] Chromium: CVE-2024-2631 Inappropriate implementation in iOS Chromium: CVE-2024-2631 Inappropriate implementation in iOS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why is this Chro

CVE-2024-29057 [MEDIUM] CWE-357 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for

CVE-2024-2629 [MEDIUM] Chromium: CVE-2024-2629 Incorrect security UI in iOS Chromium: CVE-2024-2629 Incorrect security UI in iOS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why is this Chrome CVE include

CVE-2024-2626 [MEDIUM] Chromium: CVE-2024-2626 Out of bounds read in Swiftshader Chromium: CVE-2024-2626 Out of bounds read in Swiftshader Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why is this Chrome C

CVE-2024-2630 [MEDIUM] Chromium: CVE-2024-2630 Inappropriate implementation in iOS Chromium: CVE-2024-2630 Inappropriate implementation in iOS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: Why is this Chro

CVE-2024-26247 [MEDIUM] CWE-269 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 123.0.2420.53 3/22/2024 123.0.6312.58/.59 FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? An exploited vulnerability can affect re