{"uuid": "635c48e5-5b6c-4624-8ed5-596963aa5ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-33742", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3847", "content": "#exploit\n1. CVE-2021-34558:\nThe crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA-key exchange, allowing a malicious TLS server to cause a TLS client to panic (PoC)\nhttps://github.com/alexzorin/cve-2021-34558\n\n2. CVE-2021-30551:\nChrome Type Confusion in V8\nhttps://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-30551.html\n\n3. CVE-2021-33742:\nIE out-of-bounds write in MSHTML\nhttps://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-33742.html", "creation_timestamp": "2021-12-07T03:28:57.000000Z"}