From ab2123181d4ed7d7901eacbc54e4a33d84df9941 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga
Date: Wed, 14 Jan 2026 14:45:40 -0300
Subject: [PATCH] chore: update impacted version https://github.com/nodejs/nodejs.org/pull/8550
---
 vuln/core/159.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/vuln/core/159.json b/vuln/core/159.json
index 988645b8..a606e582 100644
--- a/vuln/core/159.json
+++ b/vuln/core/159.json
@@ -2,8 +2,8 @@
 "cve": [
 "CVE-2025-59464"
 ],
- "vulnerable": "20.x || 22.x || 24.x",
- "patched": "^20.20.0 || ^22.22.0 || ^24.13.0",
+ "vulnerable": "24.x",
+ "patched": "^24.12.0",
 "ref": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases",
 "description": "Memory leak that enables remote Denial of Service against applications processing TLS client certificates",
 "overview": "A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffer. When applications call `socket.getPeerCertificate(true)`, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through repeated TLS connections. Over time this can lead to resource exhaustion and denial of service.",
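Review bot: The `patched` range moves down from `^24.13.0` to `^24.12.0` and 20.x/22.x are dropped from `vulnerable`, but the message only says "update impacted version" and links a PR, so the basis for narrowing the advisory is not recorded in the commit itself. Tools that consume this file will stop flagging 20.x and 22.x and will treat 24.12.x as fixed, so an error in either field turns into a false negative for CVE-2025-59464. It is worth confirming both fields against the release that actually carries the fix and saying so in the commit description, for example `fix shipped in <24.x release>; 20.x and 22.x do not contain the affected code` (placeholder wording, to be filled in from the upstream changelog). The `ref` still points at the December 2025 security-release post, so check that the post lists the same ranges as the new values.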