Our purpose as Fluid Attacks is to provide value through the vulnerabilities we report. Therefore, we are continuously working on improving our processes to generate more accurate reports.

After an exhaustive review, we decided to remove all vulnerability reports of the following typologies:

• 060. Insecure exceptions
• 061. Errors without traceability
• 070. Inappropriate coding practices - Wildcard import
• 073. Conditional statement without a default option

We did this because we consider these typologies as recommendations of programming practices and not vulnerabilities per se. Following this decision, we have been removing these recommendations from the ARM so that development teams can focus on remediation of the reported vulnerabilities.