Skip to main content

Concepts for vulnerability reporting and management

Learn core concepts relating to vulnerability reporting and management on GitHub.

GitHub Advisory database

Research known security vulnerabilities and malware in open source packages, so you can understand and remediate the risks in your dependencies.

Global security advisories

Global security advisories are CVEs and GitHub-originated advisories affecting the open source world, located in the GitHub Advisory Database.

Exposure to vulnerabilities in your code and in dependencies

Understand how vulnerabilities in your own code and in third-party dependencies contribute to your organization's overall security exposure, and how to measure and reduce that risk.