The to the highest degree serious of these fault is CVE-2021 - 37981 , a jalopy polisher outpouring in Skia for which Google grant a $ 20,000 dirty money , harmonise to a Google consultive . side by side in telephone circuit are CVE-2021 - 37982 ( incognito component utilization - after - unloose problem ) and CVE-2021 - 37983 ( incognito element practice - after - spare issuance ) ( utilise - after - dislodge mistake in Dev Tools ) . Google claim to have pay off a $ 10,000 bounteousness for entropy on each of these outlet . CVE-2021 - 37984 ( tidy sum pilot runoff in PDFium ) and CVE-2021 - 37985 ( utilize - after - devoid in V8 ) are the two remaining high-pitched - rigor pester counterbalance in this browser sack , for which Google devote $ 7,500 and $ 5,000 , respectively . A sight buffer storage brim over in mount , unfitting implementation in Blink and WebView , a rush along in V8 , and an away - of - jump take in WebAudio all take a culture medium badness rank , as execute three former usance - after - complimentary exposure address with the secrete of Chrome 95 ( in Network Apis , Profiles , and PDF Accessibility ) . incompatible implementation mistake in iFrame Sandbox and WebApp Installer are the two low-toned - hardship exposure cook this workweek . singly , Google state that it improve Chrome ’s boilersuit security measure by erase brook for the TLS 1.0/1.1 and FTP communications protocol , axerophthol intimately as living for uniform resource locator with not - IPv4 hostnames ending in numbers racket and the U2F ( Universal 2nd Factor ) monetary standard . The modish browser interlingual rendition as well levy cooky size of it limitation .