Skip to content

Commit

Permalink
doc: fix typos in SECURITY.md
Browse files Browse the repository at this point in the history
PR-URL: nodejs#47677
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
  • Loading branch information
VoltrexKeyva authored and MoLow committed Jul 6, 2023
1 parent 8651ea8 commit b4ca788
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@ lead to a loss of confidentiality, integrity, or availability.
See <https://nodejs.org/api/modules.html#all-together>.

Any unexpected behavior from the data manipulation from Node.js Internal
functions may be considered a vulnerability if they are expoitable via
functions may be considered a vulnerability if they are exploitable via
untrusted resources.

In addition to addressing vulnerabilities based on the above, the project works
Expand All @@ -144,7 +144,7 @@ the community they pose.
#### Improper Certificate Validation (CWE-295)

* Node.js provides APIs to validate handling of Subject Alternative Names (SANs)
in certficates used to connect to a TLS/SSL endpoint. If certificates can be
in certificates used to connect to a TLS/SSL endpoint. If certificates can be
crafted which result in incorrect validation by the Node.js APIs that is
considered a vulnerability.

Expand Down

0 comments on commit b4ca788

Please sign in to comment.