Sync with GitHub Security Advisories

reedloden · reedloden · commit 45315b5a8236 · 2022-05-02T13:20:49.000-07:00
* Add CVSSv3 and GHSA ID to CVE-2022-29498
diff --git a/gems/blazer/CVE-2022-29498.yml b/gems/blazer/CVE-2022-29498.yml
@@ -1,6 +1,7 @@
 ---
 gem: blazer
 cve: 2022-29498
+ghsa: qf9q-q4hh-qph3
 url: https://github.com/ankane/blazer/issues/392
 title: SQL injection for certain queries with variables
 date: 2022-04-20
@@ -15,5 +16,6 @@ description: |
   Users cannot run any queries they could not have already run. However, an attacker
   could get a user to run a query they would not have normally run. If the data source
   has write permissions, this could include modifying data in some cases.
+cvss_v3: 7.5
 patched_versions:
-- '>= 2.6.0'
+- ">= 2.6.0"
