Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
| Vendor | Product | Versions |
|---|---|---|
| microsoft | edge_chromium | 1.0.0.0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| microsoft | edge | cert_advisory | 90% |
Updated affected versions to include 149.0.4022.68 and changed severity from HIGH to CRITICAL.
Added a detailed description of the vulnerability and marked it as actively exploited with an exploit available.
Initial creation