Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability -CVE-2022-38012
September 29, 2022
Alert Severity: High
Issue Date: 2022-09-13
Last Update: 2022-09-29
CVE(s): CVE-2022-38012
CVSS Score: 7.7
Impacted Products and Versions: Microsoft Edge Version < 105.0.1343.25
Description:
Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. This vulnerability could lead to a browser sandbox escape.
Mitigation:
Upgrade Microsoft Edge browser to latest version 105.0.1343.42.
On 27 Sep 2022 Microsoft confirms that they are aware of vulnerability and working on releasing a security fix. Latest stable version of Edge browser was release by Microsoft on 15 Sep 2022 – Microsoft Edge Stable Channel (Version 105.0.1343.42)
Multiple vulnerabilities found in Drupal core – SA-CORE-2022-016
Vulnerabilities in Zoom On-Premise Meeting Connector
