Msrc Microsoft Edge Extended Stable vulnerabilities

CVE-2023-36027 [HIGH] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124 Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136 FAQ: What privileges could be gained by an attacker who successfully exploited th

CVE-2023-5996 [HIGH] Chromium: CVE-2023-5996 Use after free in WebAudio Chromium: CVE-2023-5996 Use after free in WebAudio Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 119.0.2151.58 11/09/2023 119.0.6045

CVE-2023-6112 [HIGH] Chromium: CVE-2023-6112 Use after free in Navigation Chromium: CVE-2023-6112 Use after free in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2023-36026 [MEDIUM] Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal? Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several preconditions, the severity will be

CVE-2023-36022 [MEDIUM] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability? The performance can be interrupted and/or reduced, but the attacker cannot fully deny service. FAQ: According to the CVSS metric, the attack vector is local (AV:L). W

CVE-2023-36008 [MEDIUM] CWE-416 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 119.0.2151.72 11/16/2023 119.0.6045.159/.160 Extended Stable 118.0.2088.109 11/16/2023 118.0.5993.144 FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why

CVE-2023-3730 [HIGH] Chromium: CVE-2023-3730 Use after free in Tab Groups Chromium: CVE-2023-3730 Use after free in Tab Groups Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 115.0.1901.183 115.0.5790.98/99

CVE-2023-3728 [HIGH] Chromium: CVE-2023-3728 Use after free in WebRTC Chromium: CVE-2023-3728 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 115.0.1901.183 115.0.5790.98/99 7/21/20

CVE-2023-2725 [HIGH] Chromium: CVE-2023-2725 Use after free in Guest View Chromium: CVE-2023-2725 Use after free in Guest View Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2023-2724 [HIGH] Chromium: CVE-2023-2724 Type Confusion in V8 Chromium: CVE-2023-2724 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2023-2721 [HIGH] Chromium: CVE-2023-2721 Use after free in Navigation Chromium: CVE-2023-2721 Use after free in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2023-2722 [HIGH] Chromium: CVE-2023-2722 Use after free in Autofill UI Chromium: CVE-2023-2722 Use after free in Autofill UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Ed

CVE-2023-2723 [HIGH] Chromium: CVE-2023-2723 Use after free in DevTools Chromium: CVE-2023-2723 Use after free in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2023-2726 [HIGH] Chromium: CVE-2023-2726 Inappropriate implementation in WebApp Installs Chromium: CVE-2023-2726 Inappropriate implementation in WebApp Installs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OS

CVE-2023-1529 [CRITICAL] Chromium: CVE-2023-1529 Out of bounds memory access in WebHID Chromium: CVE-2023-1529 Out of bounds memory access in WebHID Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is cons

CVE-2023-1214 [HIGH] Chromium: CVE-2023-1214 Type Confusion in V8 Chromium: CVE-2023-1214 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2023-1218 [HIGH] Chromium: CVE-2023-1218 Use after free in WebRTC Chromium: CVE-2023-1218 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2023-1215 [HIGH] Chromium: CVE-2023-1215 Type Confusion in CSS Chromium: CVE-2023-1215 Type Confusion in CSS Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-bas

CVE-2023-1534 [HIGH] Chromium: CVE-2023-1534 Out of bounds read in ANGLE Chromium: CVE-2023-1534 Out of bounds read in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2023-1528 [HIGH] Chromium: CVE-2023-1528 Use after free in Passwords Chromium: CVE-2023-1528 Use after free in Passwords Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (