The vulnerable code had a lot of refactors in its lifetime.
A vulnerability with this tag has had at least 10 separate weeks where at least one commit mentioned the word "refactoring" in the commit message.
Refactoring is generally considered to be a good practice to be doing regularly. It indicates regular maintenance and attention. While refactoring doesn't yield new features or fix defects, it greatly reduces the cost of them.