which kind of security vulnerability?

A newly discovered flaw in a software application would be considered which kind of security
vulnerability?

A.
Input validation flaw

B.
HTTP header injection vulnerability

C.
0-day vulnerability

D.
Time-to-check to time-to-use flaw