rubysec
diff --git a/‎gems/alchemy_cms/CVE-2018-18307.yml‎
Lines changed: 10 additions & 10 deletions b/‎gems/alchemy_cms/CVE-2018-18307.yml‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎gems/ckeditor/CVE-2020-27193.yml‎
Lines changed: 9 additions & 9 deletions b/‎gems/ckeditor/CVE-2020-27193.yml‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎gems/ckeditor/CVE-2020-9281.yml‎
Lines changed: 12 additions & 12 deletions b/‎gems/ckeditor/CVE-2020-9281.yml‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎gems/ckeditor/CVE-2021-26272.yml‎
Lines changed: 8 additions & 8 deletions b/‎gems/ckeditor/CVE-2021-26272.yml‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎gems/ckeditor/CVE-2021-32808.yml‎
Lines changed: 11 additions & 11 deletions b/‎gems/ckeditor/CVE-2021-32808.yml‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎gems/ckeditor/CVE-2021-32809.yml‎
Lines changed: 10 additions & 10 deletions b/‎gems/ckeditor/CVE-2021-32809.yml‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎gems/ckeditor/CVE-2021-33829.yml‎
Lines changed: 13 additions & 13 deletions b/‎gems/ckeditor/CVE-2021-33829.yml‎
Lines changed: 13 additions & 13 deletions
diff --git a/‎gems/ckeditor/CVE-2021-37695.yml‎
Lines changed: 11 additions & 11 deletions b/‎gems/ckeditor/CVE-2021-37695.yml‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎gems/ckeditor/CVE-2021-41164.yml‎
Lines changed: 11 additions & 11 deletions b/‎gems/ckeditor/CVE-2021-41164.yml‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎gems/ckeditor/CVE-2021-41165.yml‎
Lines changed: 9 additions & 9 deletions b/‎gems/ckeditor/CVE-2021-41165.yml‎
Lines changed: 9 additions & 9 deletions
@@ -10,16 +10,16 @@ description: |
   via the /admin/pictures image filename field.
 cvss_v3: 5.9
 unaffected_versions:
-- "< 4.1.0"
+  - "< 4.1.0"
 patched_versions:
-- ">= 7.4.10"
+  - ">= 7.4.10"
 related:
   url:
-  - https://nvd.nist.gov/vuln/detail/CVE-2018-18307
-  - http://packetstormsecurity.com/files/149787/Alchemy-CMS-4.1-Stable-Cross-Site-Scripting.html
-  - https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/base_controller.rb#L15
-  - https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/pictures_controller.rb#L5
-  - https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/resources_controller.rb#L21
-  - https://github.com/AlchemyCMS/alchemy_cms/pull/3375
-  - https://github.com/AlchemyCMS/alchemy_cms/releases/tag/v7.4.10
-  - https://github.com/advisories/GHSA-7mj4-2984-955f
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18307
+    - http://packetstormsecurity.com/files/149787/Alchemy-CMS-4.1-Stable-Cross-Site-Scripting.html
+    - https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/base_controller.rb#L15
+    - https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/pictures_controller.rb#L5
+    - https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/resources_controller.rb#L21
+    - https://github.com/AlchemyCMS/alchemy_cms/pull/3375
+    - https://github.com/AlchemyCMS/alchemy_cms/releases/tag/v7.4.10
+    - https://github.com/advisories/GHSA-7mj4-2984-955f
@@ -11,14 +11,14 @@ description: |
   a user to copy and paste crafted HTML code into one of editor inputs.
 cvss_v3: 6.1
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://nvd.nist.gov/vuln/detail/CVE-2020-27193
-  - https://ckeditor.com/blog/CKEditor-4.15.1-with-a-security-patch-released/
-  - https://ckeditor.com/cke4/release/CKEditor-4.15.1
-  - https://ckeditor.com/ckeditor-4/download/
-  - https://www.oracle.com//security-alerts/cpujul2021.html
-  - https://www.oracle.com/security-alerts/cpuApr2021.html
-  - https://www.oracle.com/security-alerts/cpuoct2021.html
-  - https://github.com/advisories/GHSA-4m44-5j2g-xf64
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27193
+    - https://ckeditor.com/blog/CKEditor-4.15.1-with-a-security-patch-released/
+    - https://ckeditor.com/cke4/release/CKEditor-4.15.1
+    - https://ckeditor.com/ckeditor-4/download/
+    - https://www.oracle.com//security-alerts/cpujul2021.html
+    - https://www.oracle.com/security-alerts/cpuApr2021.html
+    - https://www.oracle.com/security-alerts/cpuoct2021.html
+    - https://github.com/advisories/GHSA-4m44-5j2g-xf64
@@ -11,17 +11,17 @@ description: |
   through a crafted "protected" comment (with the cke_protected syntax).
 cvss_v3: 6.1
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://nvd.nist.gov/vuln/detail/CVE-2020-9281
-  - https://github.com/ckeditor/ckeditor4
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OJ4BSS3VEAEXPNSOOUAXX6RDNECGZNO/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L322YA73LCV3TO7ORY45WQDAFJVNKXBE/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4HHYQ6N452XTCIROFMJOTYEUWSB6FR4/
-  - https://www.oracle.com/security-alerts/cpujan2021.html
-  - https://www.oracle.com/security-alerts/cpuoct2020.html
-  - https://www.oracle.com/security-alerts/cpuApr2021.html
-  - https://www.oracle.com/security-alerts/cpuoct2021.html
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://github.com/advisories/GHSA-vcjf-mgcg-jxjq
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9281
+    - https://github.com/ckeditor/ckeditor4
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OJ4BSS3VEAEXPNSOOUAXX6RDNECGZNO/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L322YA73LCV3TO7ORY45WQDAFJVNKXBE/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4HHYQ6N452XTCIROFMJOTYEUWSB6FR4/
+    - https://www.oracle.com/security-alerts/cpujan2021.html
+    - https://www.oracle.com/security-alerts/cpuoct2020.html
+    - https://www.oracle.com/security-alerts/cpuApr2021.html
+    - https://www.oracle.com/security-alerts/cpuoct2021.html
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://github.com/advisories/GHSA-vcjf-mgcg-jxjq
@@ -11,13 +11,13 @@ description: |
   then press Enter or Space (in the Autolink plugin).
 cvss_v3: 6.5
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-26272
-  - https://ckeditor.com/blog/CKEditor-4.16-with-improved-image-pasting-High-Contrast-support-and-a-new-color-API/#security-comes-first
-  - https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-416
-  - https://www.oracle.com//security-alerts/cpujul2021.html
-  - https://www.oracle.com/security-alerts/cpuoct2021.html
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://github.com/advisories/GHSA-wpvm-wqr4-p7cw
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26272
+    - https://ckeditor.com/blog/CKEditor-4.16-with-improved-image-pasting-High-Contrast-support-and-a-new-color-API/#security-comes-first
+    - https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-416
+    - https://www.oracle.com//security-alerts/cpujul2021.html
+    - https://www.oracle.com/security-alerts/cpuoct2021.html
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://github.com/advisories/GHSA-wpvm-wqr4-p7cw
@@ -23,17 +23,17 @@ description: |
   The CKEditor 4 team would like to thank Anton Subbotin ([skavans](https://github.com/skavans)) for recognizing and reporting this vulnerability.
 cvss_v3: 7.6
 unaffected_versions:
-- "< 5.1.2"
+  - "< 5.1.2"
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-6226-h7ff-ch6c
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-32808
-  - https://github.com/ckeditor/ckeditor4/releases/tag/4.16.2
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
-  - https://www.oracle.com/security-alerts/cpuoct2021.html
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://github.com/advisories/GHSA-6226-h7ff-ch6c
+    - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-6226-h7ff-ch6c
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32808
+    - https://github.com/ckeditor/ckeditor4/releases/tag/4.16.2
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
+    - https://www.oracle.com/security-alerts/cpuoct2021.html
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://github.com/advisories/GHSA-6226-h7ff-ch6c
@@ -31,16 +31,16 @@ description: |
   The CKEditor 4 team would like to thank Anton Subbotin ([skavans](https://github.com/skavans)) for recognizing and reporting this vulnerability.
 cvss_v3: 4.6
 unaffected_versions:
-- "< 4.1.2"
+  - "< 4.1.2"
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7889-rm5j-hpgg
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-32809
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
-  - https://www.oracle.com/security-alerts/cpuoct2021.html
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://github.com/advisories/GHSA-7889-rm5j-hpgg
+    - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7889-rm5j-hpgg
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32809
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
+    - https://www.oracle.com/security-alerts/cpuoct2021.html
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://github.com/advisories/GHSA-7889-rm5j-hpgg
@@ -11,19 +11,19 @@ description: |
   executable JavaScript code through a crafted comment because `--!>` is mishandled.
 cvss_v3: 6.1
 unaffected_versions:
-- "< 5.1.1"
+  - "< 5.1.1"
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-33829
-  - https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
-  - https://www.npmjs.com/package/ckeditor4
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
-  - https://www.drupal.org/sa-core-2021-003
-  - https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html
-  - https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2021-33829.yaml
-  - https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2021-33829.yaml
-  - https://github.com/advisories/GHSA-rgx6-rjj4-c388
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-33829
+    - https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
+    - https://www.npmjs.com/package/ckeditor4
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
+    - https://www.drupal.org/sa-core-2021-003
+    - https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html
+    - https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2021-33829.yaml
+    - https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2021-33829.yaml
+    - https://github.com/advisories/GHSA-rgx6-rjj4-c388
@@ -30,16 +30,16 @@ description: |
   The CKEditor 4 team would like to thank Mika Kulmala ([kulmik](https://github.com/kulmik)) for recognizing and reporting this vulnerability.
 cvss_v3: 7.3
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-m94c-37g6-cjhc
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-37695
-  - https://github.com/ckeditor/ckeditor4/commit/de3c001540715f9c3801aaa38a1917de46cfcf58
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
-  - https://www.oracle.com/security-alerts/cpuoct2021.html
-  - https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://github.com/advisories/GHSA-m94c-37g6-cjhc
+    - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-m94c-37g6-cjhc
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-37695
+    - https://github.com/ckeditor/ckeditor4/commit/de3c001540715f9c3801aaa38a1917de46cfcf58
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
+    - https://www.oracle.com/security-alerts/cpuoct2021.html
+    - https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://github.com/advisories/GHSA-m94c-37g6-cjhc
@@ -23,16 +23,16 @@ description: |
   The CKEditor 4 team would like to thank Maurice Dauer ([laytonctf](https://twitter.com/laytonctf)) for recognizing and reporting this vulnerability.
 cvss_v3: 8.2
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-pvmx-g8h5-cprj
-  - https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-41164
-  - https://www.drupal.org/sa-core-2021-011
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://www.oracle.com/security-alerts/cpuapr2022.html
-  - https://www.oracle.com/security-alerts/cpujul2022.html
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
-  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
-  - https://github.com/advisories/GHSA-pvmx-g8h5-cprj
+    - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-pvmx-g8h5-cprj
+    - https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-41164
+    - https://www.drupal.org/sa-core-2021-011
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://www.oracle.com/security-alerts/cpuapr2022.html
+    - https://www.oracle.com/security-alerts/cpujul2022.html
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
+    - https://github.com/advisories/GHSA-pvmx-g8h5-cprj
@@ -22,14 +22,14 @@ description: |
   The CKEditor 4 team would like to thank William Bowling ([wbowling](https://github.com/wbowling)) for recognizing and reporting this vulnerability.
 cvss_v3: 8.2
 patched_versions:
-- ">= 5.1.2"
+  - ">= 5.1.2"
 related:
   url:
-  - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7h26-63m7-qhf2
-  - https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
-  - https://nvd.nist.gov/vuln/detail/CVE-2021-41165
-  - https://www.drupal.org/sa-core-2021-011
-  - https://www.oracle.com/security-alerts/cpujan2022.html
-  - https://www.oracle.com/security-alerts/cpuapr2022.html
-  - https://www.oracle.com/security-alerts/cpujul2022.html
-  - https://github.com/advisories/GHSA-7h26-63m7-qhf2
+    - https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7h26-63m7-qhf2
+    - https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-41165
+    - https://www.drupal.org/sa-core-2021-011
+    - https://www.oracle.com/security-alerts/cpujan2022.html
+    - https://www.oracle.com/security-alerts/cpuapr2022.html
+    - https://www.oracle.com/security-alerts/cpujul2022.html
+    - https://github.com/advisories/GHSA-7h26-63m7-qhf2