chore(docs): add security advisories section

stirby · stirby · commit 60012b090a11 · 2024-09-17T14:45:39.000Z
Provide essential information for reporting vulnerabilities and list known security advisories with details on fixes and affected versions.

- Added instructions for reporting vulnerabilities
- Included a table to list known vulnerabilities with severity, fix version, and affected versions
- Added initial entry for API tokens invalidation issue
diff --git a/docs/admin/security/README.md b/docs/admin/security/README.md
@@ -1 +1,20 @@
-TODO
+# Security Advisories
+
+> If you discover a vulnerability in Coder, please do not hesitate to report it
+> to us by following the instructions
+> [here](https://github.com/coder/coder/blob/main/SECURITY.md).
+
+From time to time, Coder employees or other community members may discover
+vulnerabilities in the product.
+
+If a vulnerability requires an immediate upgrade to mitigate a potential
+security risk, we will add it to the below table.
+
+Click on the description links to view more details about each specific
+vulnerability.
+
+---
+
+| Description                                                                        | Severity | Fix                                                            | Vulnerable Versions |
+| ---------------------------------------------------------------------------------- | -------- | -------------------------------------------------------------- | ------------------- |
+| [API tokens of deleted users not invalidated](./0001_user_apikeys_invalidation.md) | HIGH     | [v0.23.0](https://github.com/coder/coder/releases/tag/v0.23.0) | v0.8.25 - v0.22.2   |
