Apply suggestions from code review

RafaelGSS · mhdawson · web-flow · commit 60bc31c88687 · 2025-03-06T18:51:47.000-03:00
Co-authored-by: Michael Dawson &lt;mdawson@devrus.com&gt;
Signed-off-by: Rafael Gonzaga &lt;rafael.nunu@hotmail.com&gt;
diff --git a/apps/site/pages/en/blog/vulnerability/updates-cve-for-end-of-life.md b/apps/site/pages/en/blog/vulnerability/updates-cve-for-end-of-life.md
@@ -6,11 +6,16 @@ layout: blog-post
 author: Rafael Gonzaga
 ---
 
-# Rationale for Issuing CVEs on End-of-Life Node.js Versions
-
-**TL;DR:** CVE-2025-23087, CVE-2025-23088, and CVE-2025-23089 have been
-rejected by MITRE and therefore the Node.js team decided to update previous
-CVEs to cover EOL releases, reflecting their ongoing security risks.
+# Update on the issuance of CVEs to mark End-of-Life Node.js Versions
+
+**TL;DR:** CVE-2025-23087, CVE-2025-23088, and CVE-2025-23089 issued to
+tag EOL versions have been rejected by MITRE.
+The Node.js team has, therefore, decided to update previous vulnerability specific
+CVEs to cover EOL releases, reflecting their ongoing security risks. This means that
+all new CVEs issued will include EOL releases in the applicability until we have specific
+information that indicates a CVE does not apply to an EOL release line. The project
+does not plan to evaluate CVEs against EOL lines but information provided to the
+project may be used to update the applicability if/when it is available.
 
 On January 21, 2025, Node.js released security patches for four active release
 lines. At the same time, CVEs were assigned to cover EOL (end-of-life) versions:
