oss-fuzz
Project owners need some way to adjust severity of OSS-Fuzz reports
This is a companion to https://github.com/google/oss-fuzz/issues/11925
OSS-Fuzz automatically assigns severity for bugs. This is a great first-pass triage, but sometimes OSS-Fuzz is wrong. It may over-level the bug if it's a bug in the fuzzer and not actual code, or in an irrelevant part of the system. It may under-level the bug if it's a case where non-memory-safety correctness still has serious ramifications, e.g. some kinds of cryptographic errors.
Now that OSS-Fuzz bugs are integrated into OSV, these mistakes go from cosmetic issues to actual problems.