CVE-2022-4103511.10.2022, 19:15Microsoft Edge (Chromium-based) Spoofing VulnerabilityRace ConditionEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.3 MEDIUMNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:NmicrosoftCNA5.3 MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:CCVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 44%VendorProductVersionmicrosoftedge_chromium𝑥< 106.0.1370.34𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41035https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41035https://security.gentoo.org/glsa/202210-16