The to the highest degree grievous of these flaw is CVE-2021 - 37981 , a hatful buffer storage outpouring in Skia for which Google award a $ 20,000 appreciate , harmonise to a Google consultatory . adjacent in seam are CVE-2021 - 37982 ( incognito constituent economic consumption - after - complimentary problem ) and CVE-2021 - 37983 ( incognito element practice - after - detached emergence ) ( exercise - after - free erroneousness in Dev Tools ) . Google arrogate to have make up a $ 10,000 premium for entropy on each of these takings . CVE-2021 - 37984 ( stack fender overrun in PDFium ) and CVE-2021 - 37985 ( habit - after - resign in V8 ) are the two stay on luxuriously - rigorousness bug correct in this web browser turn , for which Google pay up $ 7,500 and $ 5,000 , respectively . A flock buffer spill over in mount , incompatible implementation in Blink and WebView , a rush in V8 , and an extinct - of - restrict study in WebAudio all receive a culture medium rigour rate , as set three former enjoyment - after - destitute vulnerability handle with the firing of Chrome 95 ( in Network genus Apis , Profiles , and PDF Accessibility ) . incompatible execution misplay in iFrame Sandbox and WebApp Installer are the two depression - hardship exposure secure this hebdomad . one by one , Google declared that it ameliorate Chrome ’s boilers suit security measures by delete indorse for the TLS 1.0/1.1 and FTP protocol , antiophthalmic factor substantially as stick out for URL with non - IPv4 hostnames cease in numbers and the U2F ( Universal 2nd Factor ) standard . The latest browser reading also visit biscuit size restriction .