GitHub

chrome_array_map.rb

memory, which is then replaced with the payload. The payload is executed within the sandboxed renderer process, so the browser must be run with the --no-sandbox option for the payload to work ...
GitHub

chrome_cve_2021_21220_v8_insufficient_validation.rb

arbitrary code within the context of the V8 process. As the V8 process is normally sandboxed in the default configuration of Google Chrome, the browser must be run ...