[The 2018 vulnerability that was fixed but undisclosed for 2 years](https://www.coindesk.com/high-severity-bug-in-bitcoin-software-revealed-2-years-after-fix) gives me fear, uncertainty and doubt about Bitcoin development. On one hand, good thing no attackers could take advantage, on the other hand if only a handful of people knew about the attack that could indicate a centralisation and attack vector if these developers were malicious
Can someone explain how the vulnerability were introduced and dealt with? Was it really only a few people that knew about the vulnerability? Is every code reveiewed thoroughly by enough people before being merged into Bitcoin core?
View Reddit by fillet_b – View Source