CNNVD-202601-3182 Information

CNNVD ID

CNNVD-202601-3182

Related CVE

CVE-2025-59464

• CNNVD Published: 2026-01-20

Description (Chinese)

Node.js是Node.js开源的一个开源、跨平台的 JavaScript 运行时环境。 Node.js存在安全漏洞，该漏洞源于将X.509证书字段转换为UTF-8时未释放分配的内存，可能导致内存泄漏、资源耗尽和拒绝服务。

Description (English)

Node.js is an open-source, cross-platform JavaScript running environment for Node.js. Node.js had a security loophole, which stemmed from unreleased memory when the X.509 certificate field was converted to UTF-8, which could result in leakage, depletion of resources and denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Node.js

Published

2026-01-20

Last Modified

2026-02-24

References

https://nodejs.org/en/blog/vulnerability/december-2025-security-releases https://access.redhat.com/security/cve/cve-2025-59464

Patch

https://nodejs.org/en/blog/vulnerability/december-2025-security-releases