Google gave out over $8,000 in rewards for this version, with the biggest reward going to Sergey Glazunov for an integer overflow bug. The only critical vulnerability listed for this release is a memory corruption bug in vertex handling. It was found by Michael Braithwaite of Turbulenz Limited, who was rewarded $1337 for his efforts.
The security fixes are:
- [$1000] [Windows only] Medium CVE-2011-2822: URL parsing confusion on the command line. Credit to Vladimir Vorontsov, ONsec company.
- High CVE-2011-2823: Use-after-free in line box handling. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by miaubiz.
- [$1000] High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
- High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1283), plus independent later discovery by miaubiz.
- [$1000] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
- [$1000] High CVE-2011-2826: Cross-origin violation with empty origins. Credit to Sergey Glazunov.
- [$1337] [Windows only] Critical CVE-2011-2806: Memory corruption in vertex handling. Credit to Michael Braithwaite of Turbulenz Limited.
- [$1000] High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
- High CVE-2011-2828: Out-of-bounds write in v8. Credit to Google Chrome Security Team (SkyLined).
- [$1500] [32-bit only] High CVE-2011-2829: Integer overflow in uniform arrays. Credit to Sergey Glazunov.
- [$1000] [Linux only] High CVE-2011-2839: Buggy memset() in PDF. Credit to Aki Helin of OUSPG.
Note that the referenced bugs are kept private by Google until a majority of users are up to date with the fix.