Msrc Microsoft Edge vulnerabilities

CVE-2023-1534 [HIGH] Chromium: CVE-2023-1534 Out of bounds read in ANGLE Chromium: CVE-2023-1534 Out of bounds read in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2023-1213 [HIGH] Chromium: CVE-2023-1213 Use after free in Swiftshader Chromium: CVE-2023-1213 Use after free in Swiftshader Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Ed

CVE-2023-1528 [HIGH] Chromium: CVE-2023-1528 Use after free in Passwords Chromium: CVE-2023-1528 Use after free in Passwords Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2023-1216 [HIGH] Chromium: CVE-2023-1216 Use after free in DevTools Chromium: CVE-2023-1216 Use after free in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2023-1220 [HIGH] Chromium: CVE-2023-1220 Heap buffer overflow in UMA Chromium: CVE-2023-1220 Heap buffer overflow in UMA Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2023-1532 [HIGH] Chromium: CVE-2023-1532 Out of bounds read in GPU Video Chromium: CVE-2023-1532 Out of bounds read in GPU Video Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsof

CVE-2023-1219 [HIGH] Chromium: CVE-2023-1219 Heap buffer overflow in Metrics Chromium: CVE-2023-1219 Heap buffer overflow in Metrics Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsof

CVE-2023-1222 [HIGH] Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed

CVE-2023-1530 [HIGH] Chromium: CVE-2023-1530 Use after free in PDF Chromium: CVE-2023-1530 Use after free in PDF Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-bas

CVE-2023-24892 [HIGH] Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site. FAQ: According to the CVSS metric, user interaction is required

CVE-2023-1234 [MEDIUM] Chromium: CVE-2023-1234 Inappropriate implementation in Intents Chromium: CVE-2023-1234 Inappropriate implementation in Intents Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is co

CVE-2023-1224 [MEDIUM] Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API Chromium: CVE-2023-1224 Insufficient policy enforcement in Web Payments API Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source So

CVE-2023-1235 [MEDIUM] Chromium: CVE-2023-1235 Type Confusion in DevTools Chromium: CVE-2023-1235 Type Confusion in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2023-1217 [MEDIUM] Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting Chromium: CVE-2023-1217 Stack buffer overflow in Crash reporting Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is

CVE-2023-1229 [MEDIUM] Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Soft

CVE-2023-1231 [MEDIUM] Chromium: CVE-2023-1231 Inappropriate implementation in Autofill Chromium: CVE-2023-1231 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is

CVE-2023-1236 [MEDIUM] Chromium: CVE-2023-1236 Inappropriate implementation in Internals Chromium: CVE-2023-1236 Inappropriate implementation in Internals Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2023-1230 [MEDIUM] Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (

CVE-2023-28286 [MEDIUM] Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site. FAQ: According to the CVSS metric, user interactio

CVE-2023-28261 [MEDIUM] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment. FAQ: What privileges could be gaine