Working with repository security advisories

The actions you can take in a repository security advisory depend on whether you have admin or write permissions to the security advisory.

Organization owners and security managers can allow security researchers to report vulnerabilities securely in repositories within the organization by enabling private vulnerability reporting for all its public repositories.