Msrc Microsoft Edge vulnerabilities

CVE-2023-2936 [HIGH] Chromium: CVE-2023-2936 Type Confusion in V8 Chromium: CVE-2023-2936 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735.90/91 FAQ: Why is this Chrome CVE include

CVE-2023-3216 [HIGH] Chromium: CVE-2023-3216 Type Confusion in V8 Chromium: CVE-2023-3216 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2023-2933 [HIGH] Chromium: CVE-2023-2933 Use after free in PDF Chromium: CVE-2023-2933 Use after free in PDF Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735.90/91 FAQ: Why is this Chrome CVE inclu

CVE-2023-3420 [HIGH] Chromium: CVE-2023-3420 Type Confusion in V8 Chromium: CVE-2023-3420 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.67 6/29/2023 114.0.5735.198/199 FAQ: Why is this Chrome CVE incl

CVE-2023-2932 [HIGH] Chromium: CVE-2023-2932 Use after free in PDF Chromium: CVE-2023-2932 Use after free in PDF Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735.90/91 FAQ: Why is this Chrome CVE inclu

CVE-2023-33143 [HIGH] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735.90/91 FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? This vulnerability could lead to a

CVE-2023-3422 [HIGH] Chromium: CVE-2023-3422 Use after free in Guest View Chromium: CVE-2023-3422 Use after free in Guest View Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.67 6/29/2023 114.0.5735.198/199 FAQ: Why is this

CVE-2023-2935 [HIGH] Chromium: CVE-2023-2935 Type Confusion in V8 Chromium: CVE-2023-2935 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735.90/91 FAQ: Why is this Chrome CVE include

CVE-2023-2931 [HIGH] Chromium: CVE-2023-2931 Use after free in PDF Chromium: CVE-2023-2931 Use after free in PDF Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735.90/91 FAQ: Why is this Chrome CVE inclu

CVE-2023-2941 [MEDIUM] Chromium: CVE-2023-2941 Inappropriate implementation in Extensions API Chromium: CVE-2023-2941 Inappropriate implementation in Extensions API Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023

CVE-2023-2937 [MEDIUM] Chromium: CVE-2023-2937 Inappropriate implementation in Picture In Picture Chromium: CVE-2023-2937 Inappropriate implementation in Picture In Picture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6

CVE-2023-33145 [MEDIUM] Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, cryptographic nonces, and other sensitive information. FAQ: According to the CVSS metric, user interactio

CVE-2023-29345 [MEDIUM] Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this v

CVE-2023-2938 [MEDIUM] Chromium: CVE-2023-2938 Inappropriate implementation in Picture In Picture Chromium: CVE-2023-2938 Inappropriate implementation in Picture In Picture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6

CVE-2023-2940 [MEDIUM] Chromium: CVE-2023-2940 Inappropriate implementation in Downloads Chromium: CVE-2023-2940 Inappropriate implementation in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 114.0.1823.37 6/2/2023 114.0.5735

CVE-2023-2725 [HIGH] Chromium: CVE-2023-2725 Use after free in Guest View Chromium: CVE-2023-2725 Use after free in Guest View Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2023-2724 [HIGH] Chromium: CVE-2023-2724 Type Confusion in V8 Chromium: CVE-2023-2724 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2023-2460 [HIGH] Chromium: CVE-2023-2460 Insufficient validation of untrusted input in Extensions Chromium: CVE-2023-2460 Insufficient validation of untrusted input in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open S

CVE-2023-2721 [HIGH] Chromium: CVE-2023-2721 Use after free in Navigation Chromium: CVE-2023-2721 Use after free in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2023-2722 [HIGH] Chromium: CVE-2023-2722 Use after free in Autofill UI Chromium: CVE-2023-2722 Use after free in Autofill UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Ed