Einen Sicherheitshinweis bearbeiten

Du kannst die Metadaten und die Beschreibung für einen Sicherheitshinweis bearbeiten, wenn Du Details aktualisieren oder Fehler korrigieren musst.

Personen mit Administratorberechtigungen für einen Sicherheitshinweis können den Hinweise bearbeiten.

About credits for security advisories

You can credit people who helped discover, report, or fix a security vulnerability. If you credit someone, they can choose to accept or decline credit.

If someone accepts credit, the person's username appears in the "Credits" section of the security advisory. Anyone with read access to the repository can see the advisory and the people who accepted credit for it.

If you believe you should be credited for a security advisory, please contact the person who created the advisory and ask them to edit the advisory to include your credit. Only the creator of the advisory can credit you, so please don't contact GitHub Support about credits for security advisories.

Einen Sicherheitshinweis bearbeiten

  1. Navigiere in GitHub zur Hauptseite des Repository.
  2. Klicke unter Deinem Repository-Namen auf Security (Sicherheit). Registerkarte „Security“ (Sicherheit)
  3. Klicke in der linken Seitenleiste auf Security advisories (Sicherheitshinweise). Registerkarte „Security advisories" (Sicherheitshinweise)
  4. Klicke in der Liste „Security Advisories“ (Sicherheitshinweise) auf den Hinweis, den Du bearbeiten möchtest.
  5. Klicke in der rechten oberen Ecke der Details zum Sicherheitshinweis auf . Schaltfläche „Edit" (Bearbeiten) für einen Sicherheitshinweis
  6. Edit the product and versions affected by the security vulnerability that this security advisory addresses. Sicherheitshinweis-Metadaten
  7. Select the severity of the security vulnerability. To assign a CVSS score, select "Assess severity using CVSS" and click the appropriate values in the calculator. GitHub calculates the score according to the "Common Vulnerability Scoring System Calculator." Drop-down menu to select the severity
  8. Add common weakness enumerators (CWEs) for the kinds of security weaknesses that this security advisory addresses. For a full list of CWEs, see the "Common Weakness Enumeration" from MITRE.
  9. If you have an existing CVE identifier, select "I have an existing CVE identifier" and type the CVE identifier in the text box. Otherwise, you can request a CVE from GitHub later. Weitere Informationen findest Du unter „ Über GitHub Security Advisories."
  10. Gib eine Beschreibung der Sicherheitslücke ein. Sicherheitslücken-Beschreibung im Sicherheitshinweis
  11. Optionally, edit the "Credits" for the security advisory. Credits for a security advisory
  12. Klicke auf Update security advisory (Aktualisiere Sicherheitshinweis). Schaltfläche „Add“ (Hinzufügen)
  13. The people listed in the "Credits" section will receive an email or web notification inviting them to accept credit. If a person accepts, their username will be publicly visible once the security advisory is published.

Weiterführende Informationen

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Oder, learn how to contribute.