diff --git a/gems/activerecord-session_store/CVE-2019-25025.yml b/gems/activerecord-session_store/CVE-2019-25025.yml index 0cac5d56d3..4849910368 100644 --- a/gems/activerecord-session_store/CVE-2019-25025.yml +++ b/gems/activerecord-session_store/CVE-2019-25025.yml @@ -13,15 +13,16 @@ description: | amount of time. This is a related issue to CVE-2019-16782. ## Recommendation - As of the publishing of this advisory, there is no official fix in place. - - An unofficial fix is described here: - https://github.com/rails/activerecord-session_store/pull/151#issuecomment-631705247 + Users should upgrade to `activerecord-session_store` version 2.0.0 or later. cvss_v3: 5.9 +patched_versions: + - ">= 2.0.0" + related: cve: - 2019-16782 url: - https://github.com/rails/activerecord-session_store/pull/151 + - https://github.com/rails/activerecord-session_store/releases/tag/v2.0.0
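Review bot: In the `## Recommendation` block, the interim mitigation is dropped entirely: the removed lines pointed to the unofficial fix at pull/151#issuecomment-631705247, and the replacement only says to upgrade to 2.0.0 or later. Since 2.0.0 is a major version bump, some users will not be able to upgrade right away, so consider keeping one sentence after the upgrade line that refers them to that comment as a stopgap; the `related: url:` list still carries the PR link but not the specific comment. The new `patched_versions` entry `">= 2.0.0"` matches the wording of the recommendation and the added v2.0.0 release tag URL, so those three are consistent with each other.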