# Security Policy

If you believe you have found a security vulnerability, please make every effort to report it to the appropriate maintainers responsibly so that it can be fixed discreetly (also known as "embargo").

When the issue relates to a specific image, please make an effort to (privately) contact the maintainers of that specific image.  Some maintainers publish/maintain a `SECRUITY.md` in their GitHub repository, for example, which can be a great place to find information about how to report an issue appropriately.

For issues related to anything maintained under [@docker-library on GitHub](https://github.com/docker-library) or associated infrastructure, please [send an email to `doi-security@infosiftr.com`](mailto:doi-security@infosiftr.com).

Image maintainers should also be aware of the ["Security Releases" section of the maintainer documentation](https://github.com/docker-library/official-images#security-releases) for pre-notifying the project maintainers of upcoming security-related releases.