You can create a draft security advisory by clicking here.
This repository is used to report security advisories to any Steeltoe Project. It is an empty repository, so that collaborators can add code from any repository to the private forks created for the advisories. Please see https://spring.io/security-policy