About GitHub Security Advisories→
You can use GitHub Security Advisories to privately discuss, fix, and publish information about security vulnerabilities in your repository.
Permission levels for security advisories→
The actions you can take in a security advisory depend on whether you have admin or write permissions to the security advisory.
Creating a security advisory→
You can create a draft security advisory to privately discuss and fix a security vulnerability in your open source project.
Adding a collaborator to a security advisory→
Removing a collaborator from a security advisory→
When you remove a collaborator from a security advisory, they lose read and write access to the security advisory's discussion and metadata.
Publishing a security advisory→
You can publish a security advisory to alert your community about a security vulnerability in your project.
Withdrawing a security advisory→
You can withdraw a security advisory that you've published.