# File lib/brakeman/checks/check_sql_cves.rb, line 73 def cve_warning_for versions, cve, link upgrade_version = upgrade_version? versions return unless upgrade_version code = cve.tr('-', '_').to_sym warn :warning_type => 'SQL Injection', :warning_code => code, :message => msg(msg_version(rails_version), " contains a SQL injection vulnerability ", msg_cve(cve), ". Upgrade to ", msg_version(upgrade_version)), :confidence => :high, :gem_info => gemfile_or_environment, :link_path => link end