I may be mistaken, but I'm interpreting the bars as meaning the span of dates during which that particular exploit chain worked against the latest version of iOS.

Chain 1: iOS 10 launched 13 Sep 2016 and 10.1.1 lost relevance when 10.2 was launched on 12 Dec 2016

Chain 2: iOS 10.3 was launched 27 Mar 2017 and lost relevance when iOS 11 was launched on 19 Sep 2017.

Chain 3: iOS 11 was launched 19 Sep 2017 and lost relevance with the release of iOS 11.4.1 on 9 July 2018

Chain 5: iOS 11.4.1 was launched on 9 July 2018 and worked until the release of 12.1.3 on 22 Jan 2019.

Chain 4: iOS 12 was launched 17 Sep 2018 and worked until 12.1.1 which was released on 5 Dec 2018.

The span of dates during which a particular version of iOS was the latest release does not necessarily mean that exploit chain was active contemporaneously. I can think of several reasons for someone to be unable to upgrade to the latest version of iOS, requiring an attacker to maintain and deploy exploit chains for multiple versions of iOS simultaneously.

1) Apple has historically dropped support for older iPhones with each new iOS major version.

2) Users who jailbreak tend to refuse to update until a jailbreak emerges for the new version.

3) Some users are slow to update

4) Some users might just refuse to update

Because of this reasoning I find it plausible that Apple only has evidence that the exploit chains were active for only two months and that the attacker chose to deploy the five chains for only two months. I do not find Google's chart insightful for understanding this attack.

None of the exploit chains Google found support iPhones too old to receive the latest iOS version, probably because that would require 32-bit versions of the exploits. There also doesn't seem to be any 10.0.x or 10.1.x-only jailbreaks, so that doesn't explain the ancient exploits for those versions either; there seem to have been a few months at the end of 2017 where the best jailbreak was a 10.2.1-only one, but that version ain't supported by any of the exploits here and it was quickly obsoleted by jailbreaks which supported all 10.x versions. (Interestingly, those jailbreaks used the same bug as exploit 2 here, but they supported more versions and used different techniques to exploit it. That strongly suggests this exploit was developed and used prior to the release of those jailbreaks in late 2017/early 2018.)

Also, note that the exploit used in chain 4 was unpatched when Google discovered it. It looks like the reason it doesn't support newer iOS versions is because they abandoned it in favour of the cleaner chain 5, which entirely obsoletes it in terms of versions and devices targeted. Just this pair of exploits alone suggest that the attack was live in the wild for at least a year.

In theory I suspect that most recent exploit could be backported to cover all the iOS versions covered by all the other exploits too (and some they missed) but they just didn't bother.

Semi-unthethered jailbreaks exist for 32-bit iOS devices running upto iOS 10.3.3. I wonder whether complete exploit chain as detailed in the project zero wasn't possible for 32-bit devices or the attackers just didn't care about those devices.