The Java language doesn't have a goto statement, and so all code is properly structured. A labeled break statement is almost a goto statement, but it still obeys structuring rules -- i.e., you cannot jump into the middle of a loop.
At the bytecode level, all structured constructs get compiled into forms that rely on goto statements. Is this inherently insecure? Should the bytecode require structured programming too? How does this guard against malicious use any more than verified bytecode that relies on gotos?
That doesn’t make code insecure, it’s just extremely powerful and very useful for compilers and optimizations even if wouldn’t be desired in a modern language for issues that gave nothing to do with security.
