Coming soon.
The first thing we do is find all sources and sinks in the file, and then loop through each pair of source and sink to see if a source reaches a sink.
Once we obtain def-use chains, we find all of the paths from source to sink.
After we get each vulnerability chain, we see how_vulnerable it is
There are a few different vulnerability types used in how_vulnerable.
Regular Sanitised Unknown
How we find secondary nodes
How we find sources/sinks
How def-use chains are used