QID 375742

Date Published: 2021-07-23

QID 375742: Microsoft Edge Based On Chromium Prior to 92.0.902.55 Multiple Vulnerabilities

Microsoft Edge is a cross-platform web browser developed by Microsoft.

CVE-2021-36931 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2021-36929 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2021-36928 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2021-30589 Chromium: CVE-2021-30589 Insufficient validation of untrusted input in Sharing
CVE-2021-30588 Chromium: CVE-2021-30588 Type Confusion in V8
CVE-2021-30587 Chromium: CVE-2021-30587 Inappropriate implementation in Compositing on Windows
CVE-2021-30586 Chromium: CVE-2021-30586 Use after free in dialog box handling on Windows
CVE-2021-30585 Chromium: CVE-2021-30585 Use after free in sensor handling
CVE-2021-30584 Chromium: CVE-2021-30584 Incorrect security UI in Downloads
CVE-2021-30583 Chromium: CVE-2021-30583 Insufficient policy enforcement in image handling on Windows
CVE-2021-30582 Chromium: CVE-2021-30582 Inappropriate implementation in Animation
CVE-2021-30581 Chromium: CVE-2021-30581 Use after free in DevTools
CVE-2021-30580 Chromium: CVE-2021-30580 Insufficient policy enforcement in Android intents
CVE-2021-30579 Chromium: CVE-2021-30579 Use after free in UI framework
CVE-2021-30578 Chromium: CVE-2021-30578 Uninitialized Use in Media
CVE-2021-30577 Chromium: CVE-2021-30577 Insufficient policy enforcement in Installer
CVE-2021-30576 Chromium: CVE-2021-30576 Use after free in DevTools
CVE-2021-30575 Chromium: CVE-2021-30575 Out of bounds read in Autofill
CVE-2021-30574 Chromium: CVE-2021-30574 Use after free in protocol handling
CVE-2021-30573 Chromium: CVE-2021-30573 Use after free in GPU
CVE-2021-30572 Chromium: CVE-2021-30572 Use after free in Autofill
CVE-2021-30571 Chromium: CVE-2021-30571 Insufficient policy enforcement in DevTools
CVE-2021-30569 Chromium: CVE-2021-30569 Use after free in sqlite
CVE-2021-30568 Chromium: CVE-2021-30568 Heap buffer overflow in WebGL
CVE-2021-30567 Chromium: CVE-2021-30567 Use after free in DevTools
CVE-2021-30566 Chromium: CVE-2021-30566 Stack buffer overflow in Printing
CVE-2021-30565 Chromium: CVE-2021-30565 Out of bounds write in Tab Groups

Affected Versions:
Microsoft Edge Based On Chromium versions before 92.0.902.55

QID Detection Logic: (authenticated)
Operating System: Windows
The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.

Operating System: macOS
The QID checks for the version of Microsoft Edge Based On Chromium app.
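
The Windows check described under QID Detection Logic can be reproduced by hand on a single host. The PowerShell below is an added example, not Qualys or Microsoft code; it assumes the registry key's default value holds a command line that begins with the path to msedge.exe (quoted or unquoted), and the function names are hypothetical.

```powershell
# Added example: mirrors the Windows detection logic in this QID (not vendor code).
$FixedVersion = [version]'92.0.902.55'   # first fixed version, from this advisory
$RegPath = 'HKLM:\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command'

function Get-EdgeExePath {
    # Assumption: the key's default value is a command line whose first token
    # is the path to msedge.exe, optionally followed by arguments.
    $key = Get-ItemProperty -Path $RegPath -ErrorAction SilentlyContinue
    if (-not $key) { return $null }
    $cmd = [string]$key.'(default)'
    if ($cmd -match '^\s*"([^"]+)"')     { return $Matches[1] }   # quoted path
    if ($cmd -match '^\s*(.+?\.exe)\b')  { return $Matches[1] }   # unquoted path
    return $null
}

function Test-EdgeVulnerable {
    param([Parameter(Mandatory)][string]$ExePath)
    $info = (Get-Item -LiteralPath $ExePath -ErrorAction Stop).VersionInfo
    # Build the version from its numeric parts so the comparison is numeric,
    # not a string comparison (where "92.0.902.9" would sort after "92.0.902.55").
    $installed = New-Object System.Version -ArgumentList @(
        $info.ProductMajorPart, $info.ProductMinorPart,
        $info.ProductBuildPart, $info.ProductPrivatePart)
    [pscustomobject]@{
        Path       = $ExePath
        Installed  = $installed
        Fixed      = $FixedVersion
        Vulnerable = ($installed -lt $FixedVersion)
    }
}

$exe = Get-EdgeExePath
if (-not $exe) {
    Write-Output 'Microsoft Edge is not registered under StartMenuInternet; nothing to check.'
} elseif (-not (Test-Path -LiteralPath $exe)) {
    Write-Output "Registry points to '$exe' but the file is missing (stale entry)."
} else {
    Test-EdgeVulnerable -ExePath $exe
}
```

A stale registry entry with no file behind it is reported separately, since a scanner relying on the same key would have no binary to version-check in that case.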

Successful exploitation of these vulnerabilities may allow a low-privileged attacker to elevate their privileges or bypass secure boot and load untrusted software onto the target system.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.

Solution:
Customers are advised to upgrade to version 92.0.902.55 or later.

Vendor References:
Software Advisories
Advisory ID Software Component Link
Version 92.0.902.55 docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#july-22-2021