Skip to content

Commit

Permalink
doc: add json entry for latest sec vuln
Browse files Browse the repository at this point in the history
PR-URL: nodejs/security-wg#46
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
  • Loading branch information
mattstern31 committed Oct 2, 2017
1 parent 36e1086 commit 90d4389
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions vuln/core/42.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"cve": [
"CVE-2017-14849"
],
"vulnerable": "8.5.0",
"patched": "^8.6.0",
"ref": "https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/",
"overview": "Node.js version 8.5.0 included a change which caused a security vulnerability in the checks on paths made by some community modules. As a result, an attacker may be able to access file system paths other than those intended."
}

0 comments on commit 90d4389

Please sign in to comment.