Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
| Vendor | Product | Versions |
|---|---|---|
| microsoft | edge | 1.0.0.0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| microsoft | edge | cert_advisory | 90% |
Updated affected versions to include 149.0.4022.68 and changed severity from HIGH to CRITICAL.
Added a detailed description of the vulnerability and marked it as actively exploited with an exploit available.
Initial creation