Msrc Microsoft Edge vulnerabilities

CVE-2024-26163 [MEDIUM] CWE-693 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability FAQ: How could an attacker exploit this vulnerability via the Network? An attacker could host a specially crafted website designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. However, in all cases an attacker would have no way to force a user to view the attacker-controlle

CVE-2024-1283 [CRITICAL] Chromium: CVE-2024-1283 Heap buffer overflow in Skia Chromium: CVE-2024-1283 Heap buffer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft

CVE-2024-1284 [CRITICAL] Chromium: CVE-2024-1284 Use after free in Mojo Chromium: CVE-2024-1284 Use after free in Mojo Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2024-26192 [HIGH] CWE-359 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? This vulnerability could lead to a browser s

CVE-2024-1939 [HIGH] Chromium: CVE-2024-1939 Type Confusion in V8 Chromium: CVE-2024-1939 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2024-1670 [HIGH] Chromium: CVE-2024-1670 Use after free in Mojo Chromium: CVE-2024-1670 Use after free in Mojo Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: Why is this Chrome CVE included in the Secur

CVE-2024-21399 [HIGH] CWE-416 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 121.0.2277.98 2/1/2024 121.0.6167.139/140 Extended Stable 120.0.2210.167 2/1/2024 120.0.6099.276 FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vuln

CVE-2024-1669 [HIGH] Chromium: CVE-2024-1669 Out of bounds memory access in Blink Chromium: CVE-2024-1669 Out of bounds memory access in Blink Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: Why is this Chro

CVE-2024-1077 [HIGH] Chromium: CVE-2024-1077 Use after free in Network Chromium: CVE-2024-1077 Use after free in Network Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 121.0.2277.98 2/1/2024 121.0.6167.139/140 Extended Stable 120.0.2210.167 2/1/2024 120

CVE-2024-1938 [HIGH] Chromium: CVE-2024-1938 Type Confusion in V8 Chromium: CVE-2024-1938 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2024-1059 [HIGH] Chromium: CVE-2024-1059 Use after free in WebRTC Chromium: CVE-2024-1059 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 121.0.2277.98 2/1/2024 121.0.6167.139/140 Extended Stable 120.0.2210.167 2/1/2024 120.0

CVE-2024-1674 [HIGH] Chromium: CVE-2024-1674 Inappropriate implementation in Navigation Chromium: CVE-2024-1674 Inappropriate implementation in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: Why

CVE-2024-1675 [HIGH] Chromium: CVE-2024-1675 Insufficient policy enforcement in Download Chromium: CVE-2024-1675 Insufficient policy enforcement in Download Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: Wh

CVE-2024-1673 [HIGH] Chromium: CVE-2024-1673 Use after free in Accessibility Chromium: CVE-2024-1673 Use after free in Accessibility Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: Why is this Chrome CVE inc

CVE-2024-1060 [HIGH] Chromium: CVE-2024-1060 Use after free in Canvas Chromium: CVE-2024-1060 Use after free in Canvas Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 121.0.2277.98 2/1/2024 121.0.6167.139/140 Extended Stable 120.0.2210.167 2/1/2024 120.0

CVE-2024-1672 [MEDIUM] Chromium: CVE-2024-1672 Inappropriate implementation in Content Security Policy Chromium: CVE-2024-1672 Inappropriate implementation in Content Security Policy Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 1

CVE-2024-21423 [MEDIUM] CWE-693 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker

CVE-2024-1676 [MEDIUM] Chromium: CVE-2024-1676 Inappropriate implementation in Navigation Chromium: CVE-2024-1676 Inappropriate implementation in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58 FAQ: Wh

CVE-2024-1671 [MEDIUM] Chromium: CVE-2024-1671 Inappropriate implementation in Site Isolation Chromium: CVE-2024-1671 Inappropriate implementation in Site Isolation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 122.0.2365.52 2/23/2024 122.0.6261.57/.58

CVE-2024-0808 [CRITICAL] Chromium: CVE-2024-0808 Integer underflow in WebUI Chromium: CVE-2024-0808 Integer underflow in WebUI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge