Updated advisory posts against rubysec/ruby-advisory-db@d93447c

Author: jasnow

advisories/_posts/2019-10-31-CVE-2019-13117.md

@@ -72,13 +72,16 @@ advisory:
     disclosed.
 
     Patched with commit https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
+  cvss_v2: 5.0
+  cvss_v3: 5.3
   patched_versions:
   - ">= 1.10.5"
   related:
     cve:
     - 2019-13118
     - 2019-18197
     url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-13117
     - https://groups.google.com/d/msg/ruby-security-ann/-Wq4aouIA3Q/yc76ZHemBgAJ
     - https://usn.ubuntu.com/4164-1/
     - https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1

advisories/_posts/2024-10-15-CVE-2024-47889.md

@@ -52,5 +52,6 @@ advisory:
   related:
     url:
     - https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6
+    - https://discuss.rubyonrails.org/t/cve-2024-47889-possible-redos-vulnerability-in-block-format-in-action-mailer/87695
     - https://github.com/advisories/GHSA-h47h-mwp9-c6q6
 ---

advisories/_posts/2026-03-05-CVE-2026-27820.md

@@ -43,12 +43,14 @@ advisory:
 
     Thanks to calysteon for reporting this issue. Also thanks to
     nobu for creating the patch.
+  cvss_v3: 9.8
   patched_versions:
   - "~> 3.0.1"
   - "~> 3.1.2"
   - ">= 3.2.3"
   related:
     url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2026-27820
     - https://www.ruby-lang.org/en/news/2026/03/05/buffer-overflow-zlib-cve-2026-27820
     - https://rubygems.org/gems/zlib/versions/3.2.3
     - https://rubygems.org/gems/zlib/versions/3.1.2

advisories/_posts/2026-05-27-CVE-2026-47736.md

@@ -58,6 +58,7 @@ advisory:
     - https://github.com/puma/puma/pull/2654
     - https://github.com/puma/puma/issues/2651
     - https://rubyweekly.com/issues/803
+    - https://advisories.gitlab.com/gem/puma/CVE-2026-47736
     - https://github.com/puma/puma/security/advisories/GHSA-qpgp-93vx-g8v8
   notes: |
     - https://www.cve.org/CVERecord/SearchResults?query=CVE-2026-47736 (reserved)