Msrc Microsoft Edge vulnerabilities

CVE-2023-29350 [HIGH] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exp

CVE-2023-2723 [HIGH] Chromium: CVE-2023-2723 Use after free in DevTools Chromium: CVE-2023-2723 Use after free in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2023-2726 [HIGH] Chromium: CVE-2023-2726 Inappropriate implementation in WebApp Installs Chromium: CVE-2023-2726 Inappropriate implementation in WebApp Installs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OS

CVE-2023-2459 [MEDIUM] Chromium: CVE-2023-2459 Inappropriate implementation in Prompts Chromium: CVE-2023-2459 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2023-2468 [MEDIUM] Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPicture Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPicture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software

CVE-2023-2463 [MEDIUM] Chromium: CVE-2023-2463 Inappropriate implementation in Full Screen Mode Chromium: CVE-2023-2463 Inappropriate implementation in Full Screen Mode Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software

CVE-2023-2464 [MEDIUM] Chromium: CVE-2023-2464 Inappropriate implementation in PictureInPicture Chromium: CVE-2023-2464 Inappropriate implementation in PictureInPicture Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software

CVE-2023-2462 [MEDIUM] Chromium: CVE-2023-2462 Inappropriate implementation in Prompts Chromium: CVE-2023-2462 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2023-2465 [MEDIUM] Chromium: CVE-2023-2465 Inappropriate implementation in CORS Chromium: CVE-2023-2465 Inappropriate implementation in CORS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed

CVE-2023-29354 [MEDIUM] Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 113.0.1774.35 113.0.5672.63/.64 5/5/2023 Extended Stable 112.0.1722.71 112.0.5615.179 5/4/2023 FAQ: According to the CVSS metric, user interaction is required (UI:R). What interac

CVE-2023-2466 [MEDIUM] Chromium: CVE-2023-2466 Inappropriate implementation in Prompts Chromium: CVE-2023-2466 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2023-2467 [MEDIUM] Chromium: CVE-2023-2467 Inappropriate implementation in Prompts Chromium: CVE-2023-2467 Inappropriate implementation in Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2023-2136 [CRITICAL] Chromium: CVE-2023-2136 Integer overflow in Skia Chromium: CVE-2023-2136 Integer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2023-2136 exists in the wild. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chrom

CVE-2023-2033 [HIGH] Chromium: CVE-2023-2033 Type Confusion in V8 Chromium: CVE-2023-2033 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2023-2033 exists in the wild. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Sou

CVE-2023-2133 [HIGH] Chromium: CVE-2023-2133 Out of bounds memory access in Service Worker API Chromium: CVE-2023-2133 Out of bounds memory access in Service Worker API Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software

CVE-2023-1818 [HIGH] Chromium: CVE-2023-1818 Use after free in Vulkan Chromium: CVE-2023-1818 Use after free in Vulkan Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2023-1812 [HIGH] Chromium: CVE-2023-1812 Out of bounds memory access in DOM Bindings Chromium: CVE-2023-1812 Out of bounds memory access in DOM Bindings Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which

CVE-2023-1815 [HIGH] Chromium: CVE-2023-1815 Use after free in Networking APIs Chromium: CVE-2023-1815 Use after free in Networking APIs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micr

CVE-2023-1810 [HIGH] Chromium: CVE-2023-1810 Heap buffer overflow in Visuals Chromium: CVE-2023-1810 Heap buffer overflow in Visuals Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsof

CVE-2023-1811 [HIGH] Chromium: CVE-2023-1811 Use after free in Frames Chromium: CVE-2023-1811 Use after free in Frames Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi