Update apps/site/pages/en/blog/vulnerability/upcoming-cve-for-eol-ver…

…sions.md Co-authored-by: Michael Dawson <mdawson@devrus.com> Signed-off-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
nodejs · Jan 6, 2025 · 8e5ef67 · 8e5ef67
1 parent 2042f36
commit 8e5ef67
Showing 1 changed file with 14 additions and 14 deletions.
diff --git a/apps/site/pages/en/blog/vulnerability/upcoming-cve-for-eol-versions.md b/apps/site/pages/en/blog/vulnerability/upcoming-cve-for-eol-versions.md
@@ -1,5 +1,5 @@
 ---
-date: '2025-01-14T16:00:00.000Z'
+date: '2025-01-06:00:00.000Z'
 category: vulnerability
 title: Upcoming CVE for End-of-Life Node.js Versions
 layout: blog-post
@@ -18,24 +18,24 @@ notification to inform users that these versions are no longer maintained and
 may pose significant security risks.
 
 The CVE will cite **Unsupported When Assigned** under
-[CWE-1104](https://cwe.mitre.org/data/definitions/1104.html): *Use of Unmaintained Third Party Components*.
+[CWE-1104](https://cwe.mitre.org/data/definitions/1104.html): _Use of Unmaintained Third Party Components_.
 For more details on this decision, you can refer to the discussion in
 [this GitHub issue](https://github.com/nodejs/security-wg/issues/1401).
 
 ## Why Issue a CVE?
 
 Many organizations rely on CVE notifications to track security issues across
-their software stacks. The Node.js project guarantee a timely resolution and disclosure
+their software stacks. The Node.js project aims for a timely resolution and disclosure
 for all reported vulnerabilities for the _maintained_ release lines.
 However, we do not issue CVEs for EOL release lines.
 By issuing a CVE for EOL versions of Node.js, we aim to:
 
-* **Raise Awareness:** Inform users that running EOL versions exposes their
-applications to potential vulnerabilities.
-* **Encourage Upgrades:** Prompt organizations and developers to update to
-actively supported Node.js versions.
-* **Improve Security:** Reduce the number of applications running outdated and
-unsupported versions of Node.js.
+- **Raise Awareness:** Inform users that running EOL versions exposes their
+  applications to potential vulnerabilities.
+- **Encourage Upgrades:** Prompt organizations and developers to update to
+  actively supported Node.js versions.
+- **Improve Security:** Reduce the number of applications running outdated and
+  unsupported versions of Node.js.
 
 > Node.js v16, despite being EOL for over a year, has still 11 million downloads per month.
 
@@ -67,10 +67,10 @@ npx is-my-node-vulnerable
 
 As of the date of this announcement, the following versions are actively supported:
 
-* Node.js 23 (Current)
-* Node.js 22 (LTS)
-* Node.js 20 (Maintenance LTS)
-* Node.js 18 (Maintenance LTS)
+- Node.js 23 (Current)
+- Node.js 22 (LTS)
+- Node.js 20 (Maintenance LTS)
+- Node.js 18 (Maintenance LTS)
 
 All other versions are no longer supported and should be considered deprecated.
 
@@ -79,7 +79,7 @@ All other versions are no longer supported and should be considered deprecated.
 We understand that upgrading may require effort, and we’re here to help. If you have
 any questions or need assistance, please reach out to us via:
 
-* [Node.js Help Repository](https://github.com/nodejs/help)
+- [Node.js Help Repository](https://github.com/nodejs/help)
 
 For organizations or developers who require continued use of EOL Node.js versions,
 the [OpenJS Ecosystem Sustainability Program](https://nodejs.org/en/about/previous-releases#commercial-support)