Microsoft Edge is a Chromium based internet browser made by Microsoft, which is installed by default on all new Windows computers. Multiple security vulnerabilities were identified in Microsoft Edge. Vulnerabilities affect Microsoft Edge (Chromium-based) prior to 95.0.1020.30 version. Details of the vulnerabilities are as follows:

• Information Disclosure Vulnerability – CVE-2021-42307;

• Heap buffer overflow in Skia – CVE-2021-37981;

• Use after free in Incognito – CVE-2021-37982;

• Use after free in Dev Tools – CVE-2021-37983;

• Heap buffer overflow in PDFium – CVE-2021-37984;

• Use after free in V8 – CVE-2021-37985;

• Heap buffer overflow in Settings – CVE-2021-37986;

• Use after free in Network APIs – CVE-2021-37987;

• Use after free in Profiles – CVE-2021-37988;

• Inappropriate implementation vulnerability in Blink – CVE-2021-37989;

• Inappropriate implementation vulnerability in WebView – CVE-2021-37990;

• Race condition in V8 – CVE-2021-37991;

• Out of bounds read in WebAudio – CVE-2021-37992;

• Use after free in PDF Accessibility – CVE-2021-37993;

• Inappropriate implementation vulnerability in iFrame Sandbox – CVE-2021-37994;

• Inappropriate implementation in WebApp Installer – CVE-2021-37995;

• Insufficient validation of untrusted input in Downloads – CVE-2021-37996.