|
|
|
|
|
|
by high_byte
66 days ago
|
|
|
"The correct answer: not currently vulnerable, but the code is fragile and one refactor away from being exploitable." absolutely. I see this pattern all the time when doing security audits - code that is nearly-vulnerable. I would mark these things as informational and recommend to harden them anyway, and any model would do a good job to do the same. |
|
|