How-tos for reporting vulnerabilities
Learn how to report vulnerabilities and evaluate the security settings of a repository on GitHub.
Privately reporting a security vulnerability
Some public repositories configure security advisories so that anyone can report security vulnerabilities directly and privately to the maintainers.
Evaluating the security settings of a repository
Security researchers can assess the security settings of a public repository, suggest a security policy and report a vulnerability.