Msrc Microsoft Edge vulnerabilities

CVE-2021-38011 [HIGH] Chromium: CVE-2021-38011 Use after free in storage foundation Chromium: CVE-2021-38011 Use after free in storage foundation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.4664.45 FAQ

CVE-2021-38017 [HIGH] Chromium: CVE-2021-38017 Insufficient policy enforcement in iframe sandbox Chromium: CVE-2021-38017 Insufficient policy enforcement in iframe sandbox Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/

CVE-2021-38006 [HIGH] Chromium: CVE-2021-38006 Use after free in storage foundation Chromium: CVE-2021-38006 Use after free in storage foundation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.4664.45 FAQ

CVE-2021-38019 [MEDIUM] Chromium: CVE-2021-38019 Insufficient policy enforcement in CORS Chromium: CVE-2021-38019 Insufficient policy enforcement in CORS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.4664.

CVE-2021-38009 [MEDIUM] Chromium: CVE-2021-38009 Inappropriate implementation in cache Chromium: CVE-2021-38009 Inappropriate implementation in cache Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.4664.45

CVE-2021-43221 [MEDIUM] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.4664.45 Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based) Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Dis

CVE-2021-38020 [MEDIUM] Chromium: CVE-2021-38020 Insufficient policy enforcement in contacts picker Chromium: CVE-2021-38020 Insufficient policy enforcement in contacts picker Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29

CVE-2021-38018 [MEDIUM] Chromium: CVE-2021-38018 Inappropriate implementation in navigation Chromium: CVE-2021-38018 Inappropriate implementation in navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0

CVE-2021-38022 [MEDIUM] Chromium: CVE-2021-38022 Inappropriate implementation in WebAuthentication Chromium: CVE-2021-38022 Inappropriate implementation in WebAuthentication Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 1

CVE-2021-38010 [MEDIUM] Chromium: CVE-2021-38010 Inappropriate implementation in service workers Chromium: CVE-2021-38010 Inappropriate implementation in service workers Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19

CVE-2021-38021 [MEDIUM] Chromium: CVE-2021-38021 Inappropriate implementation in referrer Chromium: CVE-2021-38021 Inappropriate implementation in referrer Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.466

CVE-2021-42308 [LOW] Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 96.0.1954.29 11/19/2021 96.0.4664.45 Microsoft Edge (Chromium-based): Microsoft Edge (Chromium-based) Microsoft: Microsoft Customer Action Required: Yes Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Rel

CVE-2021-38002 [CRITICAL] Chromium: CVE-2021-38002 Use after free in Web Transport Chromium: CVE-2021-38002 Use after free in Web Transport Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.40 10/29/2021 95.0.4638.69 FAQ: Why

CVE-2021-37981 [CRITICAL] Chromium: CVE-2021-37981 Heap buffer overflow in Skia Chromium: CVE-2021-37981 Heap buffer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.30 10/21/2021 95.0.4638.54 FAQ: Why is th

CVE-2021-37985 [HIGH] Chromium: CVE-2021-37985 Use after free in V8 Chromium: CVE-2021-37985 Use after free in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.30 10/21/2021 95.0.4638.54 FAQ: Why is this Chrome CVE includ

CVE-2021-37979 [HIGH] Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 94.0.992.47 10/11/2021 94.0.4606.71 FAQ: Why is this

CVE-2021-37988 [HIGH] Chromium: CVE-2021-37988 Use after free in Profiles Chromium: CVE-2021-37988 Use after free in Profiles Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.30 10/21/2021 95.0.4638.54 FAQ: Why is this Chrom

CVE-2021-37991 [HIGH] Chromium: CVE-2021-37991 Race in V8 Chromium: CVE-2021-37991 Race in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.30 10/21/2021 95.0.4638.54 FAQ: Why is this Chrome CVE included in the Security U

CVE-2021-37998 [HIGH] Chromium: CVE-2021-37998 Use after free in Garbage Collection Chromium: CVE-2021-37998 Use after free in Garbage Collection Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.40 10/29/2021 95.0.4638.69 FA

CVE-2021-37993 [HIGH] Chromium: CVE-2021-37993 Use after free in PDF Accessibility Chromium: CVE-2021-37993 Use after free in PDF Accessibility Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 95.0.1020.30 10/21/2021 95.0.4638.54 FAQ: