OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

doc: fix typos in SECURITY.md

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/47677
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
Mohammed Keyvanzadeh
2023-04-23 09:30:17 +03:30
committed by GitHub
parent 511d40cecd
commit a6748ec342
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
SECURITY.md
View File

@@ -126,7 +126,7 @@ lead to a loss of confidentiality, integrity, or availability.
See <https://nodejs.org/api/modules.html#all-together>.
Any unexpected behavior from the data manipulation from Node.js Internal
functions may be considered a vulnerability if they are expoitable via
functions may be considered a vulnerability if they are exploitable via
untrusted resources.
In addition to addressing vulnerabilities based on the above, the project works
@@ -144,7 +144,7 @@ the community they pose.
#### Improper Certificate Validation (CWE-295)
* Node.js provides APIs to validate handling of Subject Alternative Names (SANs)
in certficates used to connect to a TLS/SSL endpoint. If certificates can be
in certificates used to connect to a TLS/SSL endpoint. If certificates can be
crafted which result in incorrect validation by the Node.js APIs that is
considered a vulnerability.