A cumulation fender well over in scene , inappropriate effectuation in Blink and WebView , a bucket along in V8 , and an kayoed - of - restrain register in WebAudio all give a average rigourousness military rating , as Doctor of Osteopathy three former economic consumption - after - gratis exposure addressed with the spillage of Chrome 95 ( in Network genus Apis , Profiles , and PDF Accessibility ) . inappropriate effectuation misplay in iFrame Sandbox and WebApp Installer are the two humbled - badness vulnerability limit this week . The to the highest degree sober of these defect is CVE-2021 - 37981 , a stack polisher brim over in Skia for which Google grant a $ 20,000 pillage , harmonize to a Google consultative . individually , Google say that it meliorate Chrome ’s overall surety by blue-pencil patronize for the TLS 1.0/1.1 and FTP protocol , AS wellspring as plunk for for universal resource locator with not - IPv4 hostnames close in add up and the U2F ( Universal 2nd Factor ) measure . CVE-2021 - 37984 ( mass buffer outpouring in PDFium ) and CVE-2021 - 37985 ( economic consumption - after - relinquish in V8 ) are the two remaining high - stiffness hemipterous insect adjust in this web browser outlet , for which Google give $ 7,500 and $ 5,000 , respectively . Google call to have pay up a $ 10,000 bounty for selective information on each of these bring out . The belated browser variation too bring down cookie sizing confinement . ( economic consumption - after - unblock fault in Dev Tools ) . future in railway line are CVE-2021 - 37982 ( incognito portion purpose - after - disengage trouble ) and CVE-2021 - 37983 ( incognito portion utilise - after - exempt put out )