CVEs have been published or revised in the Security Update Guide June 2, 2023

June 2, 2023

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2023-2929

· Title: Chromium: CVE-2023-2929 Out of bounds write in Swiftshader

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2930

· Title: Chromium: CVE-2023-2930 Use after free in Extensions

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2931

· Title: Chromium: CVE-2023-2931 Use after free in PDF

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2932

· Title: Chromium: CVE-2023-2932 Use after free in PDF

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2933

· Title: Chromium: CVE-2023-2933 Use after free in PDF

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2934

· Title: Chromium: CVE-2023-2934 Out of bounds memory access in Mojo

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-29345

· Title: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating: Low

CVE-2023-2935

· Title: Chromium: CVE-2023-2935 Type Confusion in V8

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2936

· Title: Chromium: CVE-2023-2936 Type Confusion in V8

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2937

· Title: Chromium: CVE-2023-2937 Inappropriate implementation in Picture In Picture

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2938

· Title: Chromium: CVE-2023-2938 Inappropriate implementation in Picture In Picture

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2939

· Title: Chromium: CVE-2023-2939 Insufficient data validation in Installer

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2940

· Title: Chromium: CVE-2023-2940 Inappropriate implementation in Downloads

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-2941

· Title: Chromium: CVE-2023-2941 Inappropriate implementation in Extensions API

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating:

CVE-2023-33143

· Title: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: June 2, 2023

· Last updated: June 2, 2023

· Aggregate CVE Severity Rating: Moderate