All exploits here achieve shellcode execution inside the sandboxed renderer process (WebContent) on iOS. Chrome on iOS would have also been vulnerable to these initial browser exploits. None of the exploits bypassed the new, PAC-based JIT hardenings that are enabled on A12 devices. The exploit writeups are sorted by the most recent iOS version the exploit supports as indicated by a version check in the exploit code itself. If that version check was missing from the exploit, the supported version range was guessed based on the date of the fix and the previous exploits.”]
Source: https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html