• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Security Policy
2
3ImageMagick recommended practices **strongly** encourages you to configure a [security policy](https://imagemagick.org/script/security-policy.php) that suits your local environment.
4
5## Supported Versions
6
7We encourage users to upgrade to the lastest ImageMagick release to ensure that all known security vulnerabilities are addressed.  On request, we can backport a vulnerability to other ImageMagick versions.
8
9## Reporting a Vulnerability
10
11Post any vulnerability as an [issue](https://github.com/ImageMagick/ImageMagick/issues). Or you can post privately to the ImageMagick development [team](https://imagemagick.org/script/contact.php). Most vulnerabilities are fixed within 48 hours.
12
13In addition, request a [CVE](https://cve.mitre.org/cve/request_id.html).  We rely on you to post CVE's so our development team can concentrate on delivering a robust security patch.
14