diff options
author | Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> | 2023-04-23 09:30:17 +0330 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-23 06:00:17 +0000 |
commit | a6748ec3424340cd5c88ca057045ddfacc84b1dd (patch) | |
tree | 3edc4dcb86d2c72269ae0781f972f38a9b59e5b9 /SECURITY.md | |
parent | 511d40cecd8dd8aa15c288f8037f398fe7186ae0 (diff) | |
download | node-new-a6748ec3424340cd5c88ca057045ddfacc84b1dd.tar.gz |
doc: fix typos in SECURITY.md
PR-URL: https://github.com/nodejs/node/pull/47677
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Diffstat (limited to 'SECURITY.md')
-rw-r--r-- | SECURITY.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/SECURITY.md b/SECURITY.md index 02c9f83aa3..e815fbbd53 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -126,7 +126,7 @@ lead to a loss of confidentiality, integrity, or availability. See <https://nodejs.org/api/modules.html#all-together>. Any unexpected behavior from the data manipulation from Node.js Internal -functions may be considered a vulnerability if they are expoitable via +functions may be considered a vulnerability if they are exploitable via untrusted resources. In addition to addressing vulnerabilities based on the above, the project works @@ -144,7 +144,7 @@ the community they pose. #### Improper Certificate Validation (CWE-295) * Node.js provides APIs to validate handling of Subject Alternative Names (SANs) - in certficates used to connect to a TLS/SSL endpoint. If certificates can be + in certificates used to connect to a TLS/SSL endpoint. If certificates can be crafted which result in incorrect validation by the Node.js APIs that is considered a vulnerability. |