From d4600d48dd3f20a33258f73aa5226c1d67e8450a Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Wed, 28 May 2025 19:19:47 +0000
Subject: [PATCH] Sync security vulnerabilities

---
 vuln/core/151.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vuln/core/151.json b/vuln/core/151.json
index 143b77212..0a0c0503c 100644
--- a/vuln/core/151.json
+++ b/vuln/core/151.json
@@ -8,7 +8,7 @@
   "description": "Corrupted pointer in node::fs::ReadFileUtf8(const FunctionCallbackInfo<Value>& args) when args[0] is a string.",
   "overview": "In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service.\n\nImpact:\n* This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22.",
   "affectedEnvironments": [
-    "all"
+    "win32"
   ],
   "severity": "low"
 }