Skip to main content

此版本的 GitHub Enterprise 已停止服务 2022-10-12. 即使针对重大安全问题,也不会发布补丁。 为了获得更好的性能、更高的安全性和新功能,请升级到最新版本的 GitHub Enterprise。 如需升级帮助,请联系 GitHub Enterprise 支持

Editing security advisories in the GitHub Advisory Database

You can submit improvements to any advisory published in the GitHub Advisory Database.

About editing advisories in the GitHub Advisory Database

Security advisories in the GitHub Advisory Database at github.com/advisories are considered global advisories. Anyone can suggest improvements on any global security advisory in the GitHub Advisory Database. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The GitHub Security Lab curation team will review the submitted improvements and publish them onto the GitHub Advisory Database if accepted.

Editing advisories in the GitHub Advisory Database

  1. Navigate to https://github.com/advisories.

  2. Select the security advisory you would like to contribute to.

  3. On the right-hand side of the page, click the Suggest improvements for this vulnerability link.

    Screenshot of the suggest improvements link

  4. In the "Improve security advisory" form, make the desired improvements. You can edit or add any detail.

  5. When you finish editing the advisory, click Submit improvements.

  6. Once you submit your improvements, a pull request containing your changes will be created for review in github/advisory-database by the GitHub Security Lab curation team. If the advisory originated from a GitHub repository, we will also tag the original publisher for optional commentary. You can view the pull request and get notifications when it is updated or closed.

You can also open a pull request directly on an advisory file in the github/advisory-database repository. For more information, see the contribution guidelines.