OP is right. Functional programming is more secure and reliable than imperative programming. There are no buffer overflows when code is formally specified and verified. It's next to impossible to do this for imperative code but very easy to do for functional code [0].

0: https://www.microsoft.com/en-us/research/project/project-eve...