From c261f3dc8da6e119dfdbbce9ce3406302492be4c Mon Sep 17 00:00:00 2001
From: Al Snow
Date: Thu, 15 Jan 2026 09:20:20 -0500
Subject: [PATCH 1/2] Update CVE-2025-27221 advisory
---
 gems/uri/CVE-2025-27221.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/gems/uri/CVE-2025-27221.yml b/gems/uri/CVE-2025-27221.yml
index c15293a21e..bb03a93fd5 100644
--- a/gems/uri/CVE-2025-27221.yml
+++ b/gems/uri/CVE-2025-27221.yml
@@ -30,7 +30,7 @@ description: |
 Thanks to Tsubasa Irisawa (lambdasawa) for discovering this issue. Also thanks to nobu for additional fixes of this vulnerability.
-cvss_v3: 3.2
+cvss_v3: 5.3
 patched_versions:
 - "~> 0.11.3"
 - "~> 0.12.4"
@@ -38,5 +38,8 @@ patched_versions:
 - ">= 1.0.3"
 related:
 url:
+ - https://nvd.nist.gov/vuln/detail/CVE-2025-27221
 - https://www.cve.org/CVERecord?id=CVE-2025-27221
 - https://www.ruby-lang.org/en/news/2025/02/26/security-advisories
+ - https://github.com/rubysec/ruby-advisory-db/issues/932
+ - https://github.com/advisories/GHSA-22h5-pq3x-2gf2
From a86e328c8a7b165c7e860170b9f0cdbaf1e8401d Mon Sep 17 00:00:00 2001
From: Postmodern
Date: Thu, 15 Jan 2026 11:24:28 -0800
Subject: [PATCH 2/2] Do not link back to ruby-advisory-db issues.
---
 gems/uri/CVE-2025-27221.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/gems/uri/CVE-2025-27221.yml b/gems/uri/CVE-2025-27221.yml
index bb03a93fd5..c7cfd9a8d3 100644
--- a/gems/uri/CVE-2025-27221.yml
+++ b/gems/uri/CVE-2025-27221.yml
@@ -41,5 +41,4 @@ related:
 - https://nvd.nist.gov/vuln/detail/CVE-2025-27221
 - https://www.cve.org/CVERecord?id=CVE-2025-27221
 - https://www.ruby-lang.org/en/news/2025/02/26/security-advisories
- - https://github.com/rubysec/ruby-advisory-db/issues/932
 - https://github.com/advisories/GHSA-22h5-pq3x-2gf2
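Review bot: In the first hunk of PATCH 1/2, `cvss_v3` changes from 3.2 to 5.3 with no stated source; the commit subject says only "Update CVE-2025-27221 advisory". The new value presumably follows the NVD entry whose link the next hunk adds, but that is inferred from the patch, not stated in it. Under the CVSS v3 qualitative ranges this moves the advisory from Low to Medium, so any consumer that derives severity from this field will report it differently after the merge. The commit body should record the source, for example `cvss_v3 now follows the NVD base score (previously 3.2)`.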
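Review bot: The second hunk of PATCH 1/2 adds the `GHSA-22h5-pq3x-2gf2` URL under `related: url:`, but the identifier fields at the top of the file are outside the hunk, so it is not visible whether a `ghsa:` entry exists. If it is missing, add `ghsa: 22h5-pq3x-2gf2` alongside the other identifier fields. Tools that match advisories by ID can then cross-reference this record without parsing it out of a link.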