# How to contribute?

This website reflects the current state of data stored in our [GitHub repository](https://github.com/wiz-sec/open-cvdb). To contribute information about missing cloud vulnerabilities and security issues, you can either use our [contribution form](https://github.com/wiz-sec/open-cvdb/issues/new?assignees=&labels=addition&projects=&template=contribution-template.md&title=%5BContribution%5D+Add+security+issue+or+vulnerability) or create a pull request and our maintainers will review your suggestion within a few days (but usually sooner). Please make sure that your contributions match our [criteria for inclusion](http://cloudvulndb.org/about).

When creating a pull request, please adhere to the following guidelines:
1.  Use the [CVDB YAML](https://github.com/wiz-sec/open-cvdb/blob/main/pages/sample.yaml) format. 
2.	Include public references (as URLs).
3.	Provide a clear and detailed description of the issue.
4.	Give the issue a descriptive and non-generic title.
5.	Assign the issue an estimated severity and/or rate it using the [Piercing Index](https://github.com/piercing-index/cloud-vulnerabilities).
6.	Give proper credit to the researchers involved in the discovery.
7.	Use respectful language (avoid disparaging CSPs, vendors or researchers).

Please note that this database only includes information about publicly known issues and is not an appropriate venue for initial disclosure. Therefore, please refrain from using this platform to publish non-public information, and reach out to the relevant CSP or vendor instead.

Feel free to join the discussion about cloud vulnerability enumeration on [Slack](https://join.slack.com/t/cloud-cve-db/shared_invite/zt-y38smqmo-V~d4hEr_stQErVCNx1OkMA).
