Msrc Microsoft Edge vulnerabilities

CVE-2023-4863 [HIGH] Chromium: CVE-2023-4863 Heap buffer overflow in WebP Chromium: CVE-2023-4863 Heap buffer overflow in WebP Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2023-4863 exists in the wild. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in C

CVE-2023-36562 [HIGH] CWE-416 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 117.0.2045.31 117.0.5938.62/.63 9/15/2023 FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), in

CVE-2023-4905 [MEDIUM] Chromium: CVE-2023-4905 Inappropriate implementation in Prompts Chromium: CVE-2023-4905 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 117.0.2

CVE-2023-4909 [MEDIUM] Chromium: CVE-2023-4909 Inappropriate implementation in Interstitials Chromium: CVE-2023-4909 Inappropriate implementation in Interstitials Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released St

CVE-2023-4901 [MEDIUM] Chromium: CVE-2023-4901 Inappropriate implementation in Prompts Chromium: CVE-2023-4901 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 117.0.2

CVE-2023-4907 [MEDIUM] Chromium: CVE-2023-4907 Inappropriate implementation in Intents Chromium: CVE-2023-4907 Inappropriate implementation in Intents Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 117.0.2

CVE-2023-4908 [MEDIUM] Chromium: CVE-2023-4908 Inappropriate implementation in Picture in Picture Chromium: CVE-2023-4908 Inappropriate implementation in Picture in Picture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Rel

CVE-2023-4906 [MEDIUM] Chromium: CVE-2023-4906 Insufficient policy enforcement in Autofill Chromium: CVE-2023-4906 Insufficient policy enforcement in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable

CVE-2023-4900 [MEDIUM] Chromium: CVE-2023-4900 Inappropriate implementation in Custom Tabs Chromium: CVE-2023-4900 Inappropriate implementation in Custom Tabs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable

CVE-2023-4764 [MEDIUM] Chromium: CVE-2023-4764 Incorrect security UI in BFCache Chromium: CVE-2023-4764 Incorrect security UI in BFCache Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micr

CVE-2023-4904 [MEDIUM] Chromium: CVE-2023-4904 Insufficient policy enforcement in Downloads Chromium: CVE-2023-4904 Insufficient policy enforcement in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stab

CVE-2023-4903 [MEDIUM] Chromium: CVE-2023-4903 Inappropriate implementation in Custom Mobile Tabs Chromium: CVE-2023-4903 Inappropriate implementation in Custom Mobile Tabs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Rel

CVE-2023-36727 [MEDIUM] Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 117.0.2045.31 117.0.5938.62/.63 9/15/2023 FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted U

CVE-2023-4902 [MEDIUM] Chromium: CVE-2023-4902 Inappropriate implementation in Input Chromium: CVE-2023-4902 Inappropriate implementation in Input Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 117.0.2045.

CVE-2023-1999 [MEDIUM] Chromium: CVE-2023-1999 Use after free in libwebp Chromium: CVE-2023-1999 Use after free in libwebp Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2023-4074 [HIGH] Chromium: CVE-2023-4074 Use after free in Blink Task Scheduling Chromium: CVE-2023-4074 Use after free in Blink Task Scheduling Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is cons

CVE-2023-4427 [HIGH] Chromium: CVE-2023-4427: Out of bounds memory access in V8 Chromium: CVE-2023-4427: Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mi

CVE-2023-4353 [HIGH] Chromium: CVE-2023-4353 Heap buffer overflow in ANGLE Chromium: CVE-2023-4353 Heap buffer overflow in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Why is thi

CVE-2023-4572 [HIGH] Chromium: CVE-2023-4572 Use after free in MediaStream Chromium: CVE-2023-4572 Use after free in MediaStream Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.69 8/31/2023 116.0.5845.140/.141 FAQ: Why is t

CVE-2023-4069 [HIGH] Chromium: CVE-2023-4069 Type Confusion in V8 Chromium: CVE-2023-4069 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based