{"uuid": "40e162c5-16c0-438e-8263-fca14f8dcfab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21225", "type": "published-proof-of-concept", "source": "https://t.me/D4RKW0R1D/6528", "content": "A Bug's Life: CVE-2021-21225\nIn this post, I want to showcase CVE-2021-21225, a vulnerability in V8's Array.prototype.concat implementation that I discovered in April 2021. It was used to gain code execution in Google Chrome's renderer process and won a $22000 bounty from Google which was donated to the EFF (matched by Google)\n\nhttps://tiszka.com/blog/CVE_2021_21225.html", "creation_timestamp": "2021-08-20T16:03:39.000000Z"}