From 66e41801eeb5cad0d771fa1c12bc42de8d1b5064 Mon Sep 17 00:00:00 2001 From: Antoine du Hamel Date: Thu, 15 Jan 2026 10:56:47 +0100 Subject: [PATCH] fix: make version refs consistent in the blog post Signed-off-by: Antoine du Hamel --- .../december-2025-security-releases.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/apps/site/pages/en/blog/vulnerability/december-2025-security-releases.md b/apps/site/pages/en/blog/vulnerability/december-2025-security-releases.md index b71bf5608db8a..71947dd67acb0 100644 --- a/apps/site/pages/en/blog/vulnerability/december-2025-security-releases.md +++ b/apps/site/pages/en/blog/vulnerability/december-2025-security-releases.md @@ -9,7 +9,7 @@ author: The Node.js Project ## Security releases available -Updates are now available for the 25.x, 24.x, 22.x, 20.x Node.js release lines +Updates are now available for the 25.x, 24.x, 22.x, and 20.x Node.js release lines to address: - 3 high severity issues. @@ -47,7 +47,7 @@ expected isolation guarantees and enables arbitrary file read/write, leading to Impact: -- This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25. +- This vulnerability affects users of the permission model on Node.js 20.x, 22.x, 24.x, and 25.x. Thank you, to natann for reporting this vulnerability and thank you RafaelGSS for fixing it. @@ -68,7 +68,7 @@ server.on('secureConnection', socket => { Impact: -- This vulnerability affects all users in active release lines: 20.x, 22.x, 24.x, 25.x +- This vulnerability affects all users in active release lines: 20.x, 22.x, 24.x, and 25.x Thank you, to dantt for reporting this vulnerability and thank you RafaelGSS for fixing it. @@ -90,7 +90,7 @@ for details. Impact: -- This vulnerability affects all users in active release lines: 20.x, 22.x, 24.x, 25.x +- This vulnerability affects all users in active release lines: 20.x, 22.x, 24.x, and 25.x Thank you, to Andrew MacPherson (AndrewMohawk) for identifying & aaron_vercel for reporting this vulnerability and thank you mcollina for fixing it. @@ -103,10 +103,10 @@ TLS connections. Over time this can lead to resource exhaustion and denial of se Impact: -- This vulnerability was already fixed on Node.js v24.12.0. It has no impact on +- This vulnerability was already fixed on Node.js 24.12.0. It has no impact on other active release lines. -This public CVE is only issued for the affected v24 releases. +This public CVE is only issued for the affected 24.x releases. Thank you, to giant_anteater for reporting this vulnerability and thank you RafaelGSS for fixing it. @@ -122,7 +122,7 @@ In the moment of this vulnerability, network permissions (`--allow-net`) are sti Impact: -- The issue affects users of the Node.js permission model on version v25. +- The issue affects users of the Node.js permission model on Node.js 25.x. Thank you, to mufeedvh for reporting this vulnerability and thank you RafaelGSS for fixing it. @@ -152,7 +152,7 @@ ways that obscure activity, reducing the reliability of logs. Impact: -- This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25. +- This vulnerability affects users of the permission model on Node.js 20.x, 22.x, 24.x, and 25.x. Thank you, to oriotie for reporting this vulnerability and thank you RafaelGSS for fixing it. @@ -165,7 +165,7 @@ Thank you, to oriotie for reporting this vulnerability and thank you RafaelGSS f # Summary -The Node.js project will release new versions of the 25.x, 24.x, 22.x, 20.x +The Node.js project will release new versions of the 25.x, 24.x, 22.x, and 20.x releases lines on or shortly after, Monday, December 15, 2025 in order to address: - 3 high severity issues.