From 6a04d5ce4abc30e5c185766f8607f7bd132fa740 Mon Sep 17 00:00:00 2001
From: patrickm68 <patrick.mcenaney68@gmail.com>
Date: Fri, 29 Sep 2017 16:37:46 -0400
Subject: [PATCH] doc: add json entry for latest sec vuln

PR-URL: https://github.com/nodejs/security-wg/pull/46
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
---
 vuln/core/42.json | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 vuln/core/42.json

diff --git a/vuln/core/42.json b/vuln/core/42.json
new file mode 100644
index 0000000..349371a
--- /dev/null
+++ b/vuln/core/42.json
@@ -0,0 +1,9 @@
+{
+  "cve": [
+    "CVE-2017-14849"
+  ],
+  "vulnerable": "8.5.0",
+  "patched": "^8.6.0",
+  "ref": "https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/",
+  "overview": "Node.js version 8.5.0 included a change which caused a security vulnerability in the checks on paths made by some community modules. As a result, an attacker may be able to access file system paths other than those intended."
+}