Msrc Microsoft Edge vulnerabilities

CVE-2023-4355 [HIGH] Chromium: CVE-2023-4355 Out of bounds memory access in V8 Chromium: CVE-2023-4355 Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Wh

CVE-2023-4357 [HIGH] Chromium: CVE-2023-4357 Insufficient validation of untrusted input in XML Chromium: CVE-2023-4357 Insufficient validation of untrusted input in XML Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/

CVE-2023-4428 [HIGH] Chromium: CVE-2023-4428: Out of bounds memory access in CSS Chromium: CVE-2023-4428: Out of bounds memory access in CSS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by

CVE-2023-4431 [HIGH] Chromium: CVE-2023-4431: Out of bounds memory access in Fonts Chromium: CVE-2023-4431: Out of bounds memory access in Fonts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed

CVE-2023-2312 [HIGH] Chromium: CVE-2023-2312 Use after free in Offline Chromium: CVE-2023-2312 Use after free in Offline Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Why is this Chrome

CVE-2023-4072 [HIGH] Chromium: CVE-2023-4072 Out of bounds read and write in WebGL Chromium: CVE-2023-4072 Out of bounds read and write in WebGL Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed

CVE-2023-4356 [HIGH] Chromium: CVE-2023-4356 Use after free in Audio Chromium: CVE-2023-4356 Use after free in Audio Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Why is this Chrome CVE

CVE-2023-4076 [HIGH] Chromium: CVE-2023-4076 Use after free in WebRTC Chromium: CVE-2023-4076 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2023-4366 [HIGH] Chromium: CVE-2023-4366 Use after free in Extensions Chromium: CVE-2023-4366 Use after free in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Why is this

CVE-2023-4352 [HIGH] Chromium: CVE-2023-4352 Type Confusion in V8 Chromium: CVE-2023-4352 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Why is this Chrome CVE inclu

CVE-2023-4071 [HIGH] Chromium: CVE-2023-4071 Heap buffer overflow in Visuals Chromium: CVE-2023-4071 Heap buffer overflow in Visuals Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsof

CVE-2023-4078 [HIGH] Chromium: CVE-2023-4078 Inappropriate implementation in Extensions Chromium: CVE-2023-4078 Inappropriate implementation in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2023-4362 [HIGH] Chromium: CVE-2023-4362 Heap buffer overflow in Mojom IDL Chromium: CVE-2023-4362 Heap buffer overflow in Mojom IDL Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Wh

CVE-2023-4351 [HIGH] Chromium: CVE-2023-4351 Use after free in Network Chromium: CVE-2023-4351 Use after free in Network Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/2023 116.0.5845.96/.97 FAQ: Why is this Chrome

CVE-2023-36787 [HIGH] CWE-416 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal? Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several pr

CVE-2023-4068 [HIGH] Chromium: CVE-2023-4068 Type Confusion in V8 Chromium: CVE-2023-4068 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2023-4429 [HIGH] Chromium: CVE-2023-4429: Use after free in Loader Chromium: CVE-2023-4429: Use after free in Loader Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chro

CVE-2023-4368 [HIGH] Chromium: CVE-2023-4368 Insufficient policy enforcement in Extensions API Chromium: CVE-2023-4368 Insufficient policy enforcement in Extensions API Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 116.0.1938.54 8/21/

CVE-2023-4430 [HIGH] Chromium: CVE-2023-4430: Use after free in Vulkan Chromium: CVE-2023-4430: Use after free in Vulkan Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chro

CVE-2023-4073 [HIGH] Chromium: CVE-2023-4073 Out of bounds memory access in ANGLE Chromium: CVE-2023-4073 Out of bounds memory access in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed b