doc: fix typos in SECURITY.md

VoltrexKeyva · yjl9903 · commit 3d22b9e0b0d7 · 2023-04-29T02:30:34.000+08:00
PR-URL: nodejs#47677 Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com> Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
diff --git a/SECURITY.md b/SECURITY.md
@@ -126,7 +126,7 @@ lead to a loss of confidentiality, integrity, or availability.
    See <https://nodejs.org/api/modules.html#all-together>.
 
 Any unexpected behavior from the data manipulation from Node.js Internal
-functions may be considered a vulnerability if they are expoitable via
+functions may be considered a vulnerability if they are exploitable via
 untrusted resources.
 
 In addition to addressing vulnerabilities based on the above, the project works
@@ -144,7 +144,7 @@ the community they pose.
 #### Improper Certificate Validation (CWE-295)
 
 * Node.js provides APIs to validate handling of Subject Alternative Names (SANs)
-  in certficates used to connect to a TLS/SSL endpoint. If certificates can be
+  in certificates used to connect to a TLS/SSL endpoint. If certificates can be
   crafted which result in incorrect validation by the Node.js APIs that is
   considered a vulnerability.
 
