-
-
Notifications
You must be signed in to change notification settings - Fork 129
Expand file tree
/
Copy path159.json
More file actions
14 lines (14 loc) · 785 Bytes
/
159.json
File metadata and controls
14 lines (14 loc) · 785 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
{
"cve": [
"CVE-2025-59464"
],
"vulnerable": "24.x",
"patched": "^24.12.0",
"ref": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases",
"description": "Memory leak that enables remote Denial of Service against applications processing TLS client certificates",
"overview": "A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffer. When applications call `socket.getPeerCertificate(true)`, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through repeated TLS connections. Over time this can lead to resource exhaustion and denial of service.",
"affectedEnvironments": [
"all"
],
"severity": "medium"
}