Security
Headlines
HeadlinesLatestCVEs

Tag

#Microsoft Edge (Chromium-based)

CVE-2024-4950: Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

Microsoft Security Response Center
#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2024-4949: Chromium: CVE-2024-4949 Use after free in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4948: Chromium: CVE-2024-4948 Use after free in Dawn

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4947: Chromium: CVE-2024-4947 Type Confusion in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-30056: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

CVE-2024-4761: Chromium: CVE-2024-4761 Out of bounds write in V8

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2024-4671: Chromium: CVE-2024-4671 Use after free in Visuals

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.97 5/10/2024 124.0.6367.155/.156

CVE-2024-4559: Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2024-4558: Chromium: CVE-2024-4558 Use after free in ANGLE

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2024-30055: Microsoft Edge (Chromium-based) Spoofing Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.