Msrc Microsoft Edge vulnerabilities

CVE-2021-21218 [MEDIUM] Chromium: CVE-2021-21218 Uninitialized Use in PDFium Chromium: CVE-2021-21218 Uninitialized Use in PDFium Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.72 FAQ: Why is this Chro

CVE-2021-21209 [MEDIUM] Chromium: CVE-2021-21209 Inappropriate implementation in storage Chromium: CVE-2021-21209 Inappropriate implementation in storage Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.72

CVE-2021-21208 [MEDIUM] Chromium: CVE-2021-21208 Insufficient data validation in QR scanner Chromium: CVE-2021-21208 Insufficient data validation in QR scanner Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4

CVE-2021-21216 [MEDIUM] Chromium: CVE-2021-21216 Inappropriate implementation in Autofill Chromium: CVE-2021-21216 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.

CVE-2021-21228 [MEDIUM] Chromium: CVE-2021-21228 Insufficient policy enforcement in extensions Chromium: CVE-2021-21228 Insufficient policy enforcement in extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.51 4/29/2021

CVE-2021-21215 [MEDIUM] Chromium: CVE-2021-21215 Inappropriate implementation in Autofill Chromium: CVE-2021-21215 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.

CVE-2021-21217 [MEDIUM] Chromium: CVE-2021-21217 Uninitialized Use in PDFium Chromium: CVE-2021-21217 Uninitialized Use in PDFium Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.72 FAQ: Why is this Chro

CVE-2021-21211 [MEDIUM] Chromium: CVE-2021-21211 Inappropriate implementation in Navigation Chromium: CVE-2021-21211 Inappropriate implementation in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4

CVE-2021-21212 [MEDIUM] Chromium: CVE-2021-21212 Incorrect security UI in Network Config UI Chromium: CVE-2021-21212 Incorrect security UI in Network Config UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4

CVE-2021-21221 [MEDIUM] Chromium: CVE-2021-21221 Insufficient validation of untrusted input in Mojo Chromium: CVE-2021-21221 Insufficient validation of untrusted input in Mojo Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39

CVE-2021-21210 [MEDIUM] Chromium: CVE-2021-21210 Inappropriate implementation in Network Chromium: CVE-2021-21210 Inappropriate implementation in Network Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.72

CVE-2021-21229 [MEDIUM] Chromium: CVE-2021-21229 Incorrect security UI in downloads Chromium: CVE-2021-21229 Incorrect security UI in downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.51 4/29/2021 90.0.4430.93 FAQ: Wh

CVE-2021-21219 [MEDIUM] Chromium: CVE-2021-21219 Uninitialized Use in PDFium Chromium: CVE-2021-21219 Uninitialized Use in PDFium Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 90.0.818.39 4/15/2021 90.0.4430.72 FAQ: Why is this Chro

CVE-2020-27844 [HIGH] Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mic

CVE-2021-21190 [HIGH] Chromium CVE-2021-21190 : Uninitialized Use in PDFium Chromium CVE-2021-21190 : Uninitialized Use in PDFium Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft

CVE-2021-21191 [HIGH] Chromium CVE-2021-21191: Use after free in WebRTC Chromium CVE-2021-21191: Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 89.0.774.54 3/13/2021 89.0.4389.90 FAQ: Why is this Chrome CVE i

CVE-2021-21166 [HIGH] Chromium CVE-2021-21166: Object lifecycle issue in audio Chromium CVE-2021-21166: Object lifecycle issue in audio Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. This CVE has been reported to be exploited in the wild. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chrom

CVE-2021-21174 [HIGH] Chromium CVE-2021-21174: Inappropriate implementation in Referrer Chromium CVE-2021-21174: Inappropriate implementation in Referrer Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2021-21161 [HIGH] Chromium CVE-2021-21161: Heap buffer overflow in TabStrip Chromium CVE-2021-21161: Heap buffer overflow in TabStrip Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Mic

CVE-2021-21162 [HIGH] Chromium CVE-2021-21162: Use after free in WebRTC Chromium CVE-2021-21162: Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chr