{"vulnerability": "CVE-2021-21156", "sightings": [{"uuid": "3f43f37e-7d4f-491e-bd31-6fdbb376de4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21156", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/427", "content": "CVE-2021-21156&CVE-2021-21148 Chrome Array Transfer \u7e5e\u904e\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-21156%26CVE-2021-21148_Chrome_Array_Transfer_%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-15T05:05:20.000000Z"}, {"uuid": "9a0f4cd4-d0a3-471d-abb7-0384ec5168fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21156", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3428", "content": "#exploit\nCVE-2021-21148,\nCVE-2021-21156:\nChrome Array Transfer Bypass (PoC)\n\n// The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters", "creation_timestamp": "2021-05-22T13:03:01.000000Z"}, {"uuid": "f673de21-a81b-4e6d-afc9-d95e29fb71e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21156", "type": "seen", "source": "https://t.me/cibsecurity/23964", "content": "\u203c CVE-2021-21156 \u203c\n\nHeap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T00:34:06.000000Z"}]}