Make "About global security advisories" scannable (#59651)

lecoursen · Copilot · mchammer01 · web-flow · commit 1e1a1ee895d0 · 2026-02-19T16:31:21.000Z
Co-authored-by: Copilot Autofix powered by AI &lt;175728472+Copilot@users.noreply.github.com&gt;
Co-authored-by: mc &lt;42146119+mchammer01@users.noreply.github.com&gt;
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/about-global-security-advisories.md b/content/code-security/concepts/vulnerability-reporting-and-management/about-global-security-advisories.md
@@ -1,7 +1,7 @@
 ---
 title: About global security advisories
 shortTitle: Global security advisories
-intro: Global security advisories live in the {% data variables.product.prodname_advisory_database %}, a collection of CVEs and {% data variables.product.company_short %}-originated advisories affecting the open source world. You can contribute to improving global security advisories.
+intro: Global security advisories are CVEs and {% data variables.product.company_short %}-originated advisories affecting the open source world, located in the {% data variables.product.prodname_advisory_database %}.
 versions:
   fpt: '*'
   ghec: '*'
@@ -19,22 +19,24 @@ redirect_from:
 
 ## About global security advisories
 
-{% ifversion fpt or ghec %}There are two types of advisories: global security advisories and repository security advisories. For more information about repository security advisories, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories).{% endif %}
-
-Global security advisories are grouped into these categories: {% data variables.product.company_short %}-reviewed advisories, unreviewed advisories, and malware advisories.
+{% ifversion fpt or ghec %} There are two types of advisories: global security advisories and repository security advisories. {% endif %}**Global** advisories live in the [{% data variables.product.prodname_advisory_database %}](https://github.com/advisories) and are grouped into three categories:
 * {% data reusables.advisory-database.github-reviewed-overview %}
 * {% data reusables.advisory-database.unreviewed-overview %}
 * {% data reusables.advisory-database.malware-overview %}
 
 > [!NOTE]
 > {% data variables.product.prodname_dependabot %} doesn't generate {% data variables.product.prodname_dependabot_alerts %} for unreviewed and malware advisories.
 
-For more information about the {% data variables.product.prodname_advisory_database %}, see [AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database).
+Every **repository** advisory is reviewed by the {% data variables.product.prodname_security %} curation team for consideration as a global advisory. We publish security advisories for any of the ecosystems supported by the dependency graph to the {% data variables.product.prodname_advisory_database %}.
+
+Anyone can suggest improvements on any global security advisory. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements.
 
-{% data reusables.security-advisory.global-advisories %}
+## Next steps
 
-Every repository advisory is reviewed by the {% data variables.product.prodname_security %} curation team for consideration as a global advisory. We publish security advisories for any of the ecosystems supported by the dependency graph to the {% data variables.product.prodname_advisory_database %} on [github.com/advisories](https://github.com/advisories).
+Access advisories in the {% data variables.product.prodname_advisory_database %}. See [AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/browsing-security-advisories-in-the-github-advisory-database).
 
-You can access any advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/browsing-security-advisories-in-the-github-advisory-database).
+{% ifversion fpt or ghec %}
+## Further reading
 
-You can suggest improvements to any advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database).
+* [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories)
+{% endif %}
diff --git a/data/reusables/advisory-database/github-reviewed-overview.md b/data/reusables/advisory-database/github-reviewed-overview.md
@@ -1 +1 @@
-{% data variables.product.company_short %}-reviewed advisories are security vulnerabilities that have been mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they have a full description, and contain both ecosystem and package information.
+**{% data variables.product.company_short %}-reviewed** advisories are mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they contain a full description and both ecosystem and package information.
diff --git a/data/reusables/advisory-database/malware-overview.md b/data/reusables/advisory-database/malware-overview.md
@@ -1 +1 @@
-Malware advisories relate to vulnerabilities caused by malware, and are security advisories that {% data variables.product.prodname_dotcom %} publishes automatically into the {% data variables.product.prodname_advisory_database %}, directly from information provided by the npm security team. Malware advisories are exclusive to the npm ecosystem. {% data variables.product.prodname_dotcom %} doesn't edit or accept community contributions on these advisories.
+**Malware** advisories relate to vulnerabilities caused by malware and are exclusive to the **npm** ecosystem. We publish them automatically into the {% data variables.product.prodname_advisory_database %}, directly from information provided by the npm security team.
diff --git a/data/reusables/advisory-database/unreviewed-overview.md b/data/reusables/advisory-database/unreviewed-overview.md
@@ -1 +1 @@
-Unreviewed advisories are security vulnerabilities that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed.
+**Unreviewed** advisories are published automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed.

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-{% data variables.product.company_short %}-reviewed advisories are security vulnerabilities that have been mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they have a full description, and contain both ecosystem and package information.`
	`1`	`+{% data variables.product.company_short %}-reviewed advisories are mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they contain a full description and both ecosystem and package information.`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Malware advisories relate to vulnerabilities caused by malware, and are security advisories that {% data variables.product.prodname_dotcom %} publishes automatically into the {% data variables.product.prodname_advisory_database %}, directly from information provided by the npm security team. Malware advisories are exclusive to the npm ecosystem. {% data variables.product.prodname_dotcom %} doesn't edit or accept community contributions on these advisories.`
	`1`	`+Malware advisories relate to vulnerabilities caused by malware and are exclusive to the npm ecosystem. We publish them automatically into the {% data variables.product.prodname_advisory_database %}, directly from information provided by the npm security team.`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Unreviewed advisories are security vulnerabilities that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed.`
	`1`	`+Unreviewed advisories are published automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed.`