Msrc Microsoft Edge vulnerabilities

CVE-2023-5852 [HIGH] Chromium: CVE-2023-5852 Use after free in Printing Chromium: CVE-2023-5852 Use after free in Printing Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045.105/.106 FAQ: Why is this C

CVE-2023-5857 [HIGH] Chromium: CVE-2023-5857 Inappropriate implementation in Downloads Chromium: CVE-2023-5857 Inappropriate implementation in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045

CVE-2023-5856 [HIGH] Chromium: CVE-2023-5856 Use after free in Side Panel Chromium: CVE-2023-5856 Use after free in Side Panel Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045.105/.106 FAQ: Why is th

CVE-2023-5855 [HIGH] Chromium: CVE-2023-5855 Use after free in Reading Mode Chromium: CVE-2023-5855 Use after free in Reading Mode Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045.105/.106 FAQ: Why i

CVE-2023-6347 [HIGH] Chromium: CVE-2023-6347 Use after free in Mojo Chromium: CVE-2023-6347 Use after free in Mojo Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-b

CVE-2023-5858 [MEDIUM] Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2

CVE-2023-5853 [MEDIUM] Chromium: CVE-2023-5853 Incorrect security UI in Downloads Chromium: CVE-2023-5853 Incorrect security UI in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045.105/.106

CVE-2023-36026 [MEDIUM] Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal? Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several preconditions, the severity will be

CVE-2023-5859 [MEDIUM] Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.

CVE-2023-36022 [MEDIUM] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability? The performance can be interrupted and/or reduced, but the attacker cannot fully deny service. FAQ: According to the CVSS metric, the attack vector is local (AV:L). W

CVE-2023-5851 [MEDIUM] Chromium: CVE-2023-5851 Inappropriate implementation in Downloads Chromium: CVE-2023-5851 Inappropriate implementation in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.60

CVE-2023-36008 [MEDIUM] CWE-416 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 119.0.2151.72 11/16/2023 119.0.6045.159/.160 Extended Stable 118.0.2088.109 11/16/2023 118.0.5993.144 FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why

CVE-2023-5850 [MEDIUM] Chromium: CVE-2023-5850 Incorrect security UI in Downloads Chromium: CVE-2023-5850 Incorrect security UI in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045.105/.106

CVE-2023-5480 [MEDIUM] Chromium: CVE-2023-5480 Inappropriate implementation in Payments Chromium: CVE-2023-5480 Inappropriate implementation in Payments Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 119.0.2151.44 11/02/2023 119.0.6045

CVE-2023-5472 [HIGH] Chromium: CVE-2023-5472: Use after free in Profiles Chromium: CVE-2023-5472: Use after free in Profiles Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2023-5476 [HIGH] Chromium: CVE-2023-5476 Use after free in Blink History Chromium: CVE-2023-5476 Use after free in Blink History Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 118.0.2088.46 118.0.5993.

CVE-2023-5346 [HIGH] Chromium: CVE-2023-5346 Type Confusion in V8 Chromium: CVE-2023-5346 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2023-5474 [HIGH] Chromium: CVE-2023-5474 Heap buffer overflow in PDF Chromium: CVE-2023-5474 Heap buffer overflow in PDF Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 118.0.2088.46 118.0.5993.70/.71 1

CVE-2023-5218 [HIGH] Chromium: CVE-2023-5218 Use after free in Site Isolation Chromium: CVE-2023-5218 Use after free in Site Isolation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 118.0.2088.46 118.0.599

CVE-2023-5473 [MEDIUM] Chromium: CVE-2023-5473 Use after free in Cast Chromium: CVE-2023-5473 Use after free in Cast Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 118.0.2088.46 118.0.5993.70/.71 10/13/202