CVE-2023-29334

Опубликовано: 28 апр. 2023

Источник: msrc

CVSS3: 4.3

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Spoofing Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
112.0.1722.48	4/15/2023	112.0.5615.121
109.01518.100	4/24/2023	109.0.5414.141

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this could bypass the Edge security warning message feature.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 59%

0.00375

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2023-29334

CVSS3: 4.3

nvd

почти 3 года назад

Microsoft Edge (Chromium-based) Spoofing Vulnerability

GHSA-v5gr-fcfr-rv99

CVSS3: 4.3

github

почти 3 года назад

Microsoft Edge (Chromium-based) Spoofing Vulnerability

BDU:2023-02561

CVSS3: 4.3

fstec

почти 3 года назад

Уязвимость браузера Microsoft Edge, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю выполнить спуфинговую атаку

EPSS

Процентиль: 59%

0.00375

Низкий

4.3 Medium

CVSS3