From 57ce43f6e3ea4feeba99fac167bac72f1e1558fe Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Thu, 16 Feb 2023 17:35:37 -0500 Subject: [PATCH] Update locale/en/blog/vulnerability/february-2023-security-releases.md Signed-off-by: Michael Dawson --- locale/en/blog/vulnerability/february-2023-security-releases.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locale/en/blog/vulnerability/february-2023-security-releases.md b/locale/en/blog/vulnerability/february-2023-security-releases.md index 29ef2c535248d..34dbe93175dfb 100644 --- a/locale/en/blog/vulnerability/february-2023-security-releases.md +++ b/locale/en/blog/vulnerability/february-2023-security-releases.md @@ -64,7 +64,7 @@ Impacts: * All versions of the 19.x, 18.x, and 16.x release lines. -## Node.js insecure loading of ICU data through ICU_DATA environment variable (Low) ([CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920)) +## Node.js insecure loading of ICU data through ICU_DATA environment variable (Low) ([CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920)) Node.js would search and potentially load ICU data when running with elevated priviledges. Node.js was modified to build with ICU_NO_USER_DATA_OVERRIDE to avoid this.