{"uuid": "b0a04bd4-3803-4c7f-8a7d-651a0919ed39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21225", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/5610", "content": "A Bug's Life: CVE-2021-21225\nIn this post, I want to showcase CVE-2021-21225, a vulnerability in V8's Array.prototype.concat implementation that I discovered in April 2021. It was used to gain code execution in Google Chrome's renderer process and won a $22000 bounty from Google which was donated to the EFF (matched by Google)\n\nhttps://tiszka.com/blog/CVE_2021_21225.html", "creation_timestamp": "2021-08-20T01:24:52.000000Z"}