The problem with full, immediate disclosure is its pretty easy to build an exploit for a known CVE.
Switching Nginx out in your infrastructure (for instance) isn't a simple trick at scale when you have a heavily customized install. (e.g. OpenResty with routing code)
Switching Nginx out in your infrastructure (for instance) isn't a simple trick at scale when you have a heavily customized install. (e.g. OpenResty with routing code)