CINXE.COM
Beleid inzake openbaarmaking van kwetsbaarheden - Europese Commissie
<!DOCTYPE html> <html lang="nl" dir="ltr" prefix="og: https://ogp.me/ns#"> <head> <meta charset="utf-8" /> <meta name="description" content="Lees hoe in de communicatie- en informatiesystemen van de Commissie vastgestelde kwetsbaarheden kunnen worden getest en gerapporteerd, zoals beschreven in haar openbaarmakingsbeleid" /> <meta name="keywords" content="cyberbeveiliging, gegevensbescherming" /> <meta http-equiv="content-language" content="nl" /> <link rel="canonical" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" /> <meta property="og:determiner" content="auto" /> <meta property="og:site_name" content="Europese Commissie" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" /> <meta property="og:title" content="Beleid inzake openbaarmaking van kwetsbaarheden" /> <meta property="og:description" content="Lees hoe in de communicatie- en informatiesystemen van de Commissie vastgestelde kwetsbaarheden kunnen worden getest en gerapporteerd, zoals beschreven in haar openbaarmakingsbeleid" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Beleid inzake openbaarmaking van kwetsbaarheden" /> <meta name="twitter:description" content="Lees hoe in de communicatie- en informatiesystemen van de Commissie vastgestelde kwetsbaarheden kunnen worden getest en gerapporteerd, zoals beschreven in haar openbaarmakingsbeleid" /> <meta name="twitter:url" content="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" /> <meta property="og:image" content="https://commission.europa.eu/profiles/contrib/ewcms/modules/ewcms_seo/assets/images/ec-socialmedia-fallback.png" /> <meta property="og:image:alt" content="Europese Commissie" /> <meta name="twitter:image" content="https://commission.europa.eu/profiles/contrib/ewcms/modules/ewcms_seo/assets/images/ec-socialmedia-fallback.png" /> <meta name="twitter:image:alt" content="Europese Commissie" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <script type="application/json">{"service":"etrans","renderAs":false,"user":"European Commission","exclude":".ecl-site-header__language-item,.ecl-site-header__language-selector,.toolbar","languages":{"source":"nl","available":["bg","es","cs","da","de","et","el","en","fr","ga","hr","it","lv","lt","hu","mt","nl","pl","pt","ro","sk","sl","fi","sv"]},"config":{"live":false,"mode":"lc2023","targets":{"receiver":"#webtools-etrans"}}}</script> <script type="application/json">{"service":"preview","position":"before"}</script> <link rel="icon" href="/profiles/contrib/ewcms/themes/ewcms_theme/images/favicons/ec/favicon.ico" type="image/vnd.microsoft.icon" /> <link rel="alternate" hreflang="bg" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_bg" /> <link rel="alternate" hreflang="es" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_es" /> <link rel="alternate" hreflang="cs" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_cs" /> <link rel="alternate" hreflang="da" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_da" /> <link rel="alternate" hreflang="de" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_de" /> <link rel="alternate" hreflang="et" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_et" /> <link rel="alternate" hreflang="el" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_el" /> <link rel="alternate" hreflang="en" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_en" /> <link rel="alternate" hreflang="fr" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_fr" /> <link rel="alternate" hreflang="ga" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_ga" /> <link rel="alternate" hreflang="hr" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_hr" /> <link rel="alternate" hreflang="it" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_it" /> <link rel="alternate" hreflang="lv" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_lv" /> <link rel="alternate" hreflang="lt" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_lt" /> <link rel="alternate" hreflang="hu" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_hu" /> <link rel="alternate" hreflang="mt" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_mt" /> <link rel="alternate" hreflang="nl" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" /> <link rel="alternate" hreflang="pl" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_pl" /> <link rel="alternate" hreflang="pt-pt" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_pt" /> <link rel="alternate" hreflang="ro" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_ro" /> <link rel="alternate" hreflang="sk" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_sk" /> <link rel="alternate" hreflang="sl" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_sl" /> <link rel="alternate" hreflang="fi" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_fi" /> <link rel="alternate" hreflang="sv" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_sv" /> <link rel="icon" href="/profiles/contrib/ewcms/themes/ewcms_theme/images/favicons/ec/favicon.svg" type="image/svg+xml" /> <link rel="apple-touch-icon" href="/profiles/contrib/ewcms/themes/ewcms_theme/images/favicons/ec/favicon.png" /> <title>Beleid inzake openbaarmaking van kwetsbaarheden - Europese Commissie</title> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_E0trLxjZ08xx2-bYUIk8bNOOHgg-8aEs08g5lQle1oI.css?delta=0&language=nl&theme=ewcms_theme&include=eJxtTe0KwyAMfCGpjySpzdowTYKJbL79ZLSUwX4cHPcpmPzAijFLVWFkT4XWBm0kzMGGOda4gmGQK6mN2AO-crVTeRCWLeHbsTGURFn4xz_5UNkb6DH-mLPic6DPeiF-WlBo8E1b3FpXKMutLJ21r4XswC2YQp3gCG60n8fXpUhx0g_wOltU" /> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_mLUE_thb5nTPavpXGawZfMrskTEgPqunVakABR6iV7w.css?delta=1&language=nl&theme=ewcms_theme&include=eJxtTe0KwyAMfCGpjySpzdowTYKJbL79ZLSUwX4cHPcpmPzAijFLVWFkT4XWBm0kzMGGOda4gmGQK6mN2AO-crVTeRCWLeHbsTGURFn4xz_5UNkb6DH-mLPic6DPeiF-WlBo8E1b3FpXKMutLJ21r4XswC2YQp3gCG60n8fXpUhx0g_wOltU" /> <link rel="stylesheet" media="print" href="/sites/default/files/css/css_bK35D3_dPyjb_dlLObCCrt97zQ63u--0DEvXDOkmxKY.css?delta=2&language=nl&theme=ewcms_theme&include=eJxtTe0KwyAMfCGpjySpzdowTYKJbL79ZLSUwX4cHPcpmPzAijFLVWFkT4XWBm0kzMGGOda4gmGQK6mN2AO-crVTeRCWLeHbsTGURFn4xz_5UNkb6DH-mLPic6DPeiF-WlBo8E1b3FpXKMutLJ21r4XswC2YQp3gCG60n8fXpUhx0g_wOltU" /> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_jMGhpbv_6M-gylIQY0UUqVmjj-r9d-ggiKhhqt43n6I.css?delta=3&language=nl&theme=ewcms_theme&include=eJxtTe0KwyAMfCGpjySpzdowTYKJbL79ZLSUwX4cHPcpmPzAijFLVWFkT4XWBm0kzMGGOda4gmGQK6mN2AO-crVTeRCWLeHbsTGURFn4xz_5UNkb6DH-mLPic6DPeiF-WlBo8E1b3FpXKMutLJ21r4XswC2YQp3gCG60n8fXpUhx0g_wOltU" /> <link rel="stylesheet" media="print" href="/sites/default/files/css/css_b9FJ_v0CYWKDGP5uXcYLv1GutQmplJrV5UzLhHMSyUU.css?delta=4&language=nl&theme=ewcms_theme&include=eJxtTe0KwyAMfCGpjySpzdowTYKJbL79ZLSUwX4cHPcpmPzAijFLVWFkT4XWBm0kzMGGOda4gmGQK6mN2AO-crVTeRCWLeHbsTGURFn4xz_5UNkb6DH-mLPic6DPeiF-WlBo8E1b3FpXKMutLJ21r4XswC2YQp3gCG60n8fXpUhx0g_wOltU" /> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_HARlYiESO-_6hCwZV1CscsX-NvA5_Ax4xNwR0a5Axzs.css?delta=5&language=nl&theme=ewcms_theme&include=eJxtTe0KwyAMfCGpjySpzdowTYKJbL79ZLSUwX4cHPcpmPzAijFLVWFkT4XWBm0kzMGGOda4gmGQK6mN2AO-crVTeRCWLeHbsTGURFn4xz_5UNkb6DH-mLPic6DPeiF-WlBo8E1b3FpXKMutLJ21r4XswC2YQp3gCG60n8fXpUhx0g_wOltU" /> </head> <body class="language-nl ecl-typography path-node page-node-type-landing-page"> <a href="#main-content" class="ecl-link ecl-link--primary ecl-skip-link" id="skip-id" >Direct naar de inhoud</a> <div id="cck_here"></div> <script type="application/json">{"utility":"globan","theme":"light","logo":true,"link":true,"mode":false}</script> <div class="dialog-off-canvas-main-canvas" data-off-canvas-main-canvas> <header class="ecl-site-header " data-ecl-auto-init="SiteHeader" > <div class="ecl-site-header__background"> <div class="ecl-site-header__header"> <div class="ecl-site-header__container ecl-container"> <div class="ecl-site-header__top" data-ecl-site-header-top> <a class="ecl-link ecl-link--standalone ecl-site-header__logo-link" href="https://commission.europa.eu/index_nl" aria-label="Home - Europese Commissie" data-aria-label-en="Home - European Commission" > <picture class="ecl-picture ecl-site-header__picture" title="Europese Commissie" ><source srcset="/themes/contrib/oe_theme/dist/ec/images/logo/positive/logo-ec--nl.svg" media="(min-width: 996px)" ><img class="ecl-site-header__logo-image" src="/themes/contrib/oe_theme/dist/ec/images/logo/logo-ec--mute.svg" alt="Logo van de Europese Commissie" ></picture> </a> <div class="ecl-site-header__action"> <div class="ecl-site-header__language"><a class="ecl-button ecl-button--tertiary ecl-site-header__language-selector" href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" data-ecl-language-selector role="button" aria-label="Change language, current language is Nederlands - nl" aria-controls="language-list-overlay" ><span class="ecl-site-header__language-icon"><svg class="ecl-icon ecl-icon--s ecl-site-header__icon" focusable="false" aria-hidden="false" role="img"><title >nl</title><use xlink:href="/themes/contrib/oe_theme/dist/ec/images/icons/sprites/icons.svg#global"></use></svg></span>nl</a><div class="ecl-site-header__language-container" id="language-list-overlay" hidden data-ecl-language-list-overlay aria-labelledby="ecl-site-header__language-title" role="dialog"><div class="ecl-site-header__language-header"><div class="ecl-site-header__language-title" id="ecl-site-header__language-title" >Select your language</div><button class="ecl-button ecl-button--tertiary ecl-site-header__language-close ecl-button--icon-only" type="submit" data-ecl-language-list-close ><span class="ecl-button__container"><span class="ecl-button__label" data-ecl-label="true">Sluiten</span><svg class="ecl-icon ecl-icon--m ecl-button__icon" focusable="false" aria-hidden="true" data-ecl-icon><use xlink:href="/themes/contrib/oe_theme/dist/ec/images/icons/sprites/icons.svg#close"></use></svg></span></button></div><div class="ecl-site-header__language-content" data-ecl-language-list-content ><div class="ecl-site-header__language-category" data-ecl-language-list-eu><ul class="ecl-site-header__language-list"><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_bg" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="bg" ><span class="ecl-site-header__language-link-code">bg</span><span class="ecl-site-header__language-link-label" lang="bg">български</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_es" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="es" ><span class="ecl-site-header__language-link-code">es</span><span class="ecl-site-header__language-link-label" lang="es">español</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_cs" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="cs" ><span class="ecl-site-header__language-link-code">cs</span><span class="ecl-site-header__language-link-label" lang="cs">čeština</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_da" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="da" ><span class="ecl-site-header__language-link-code">da</span><span class="ecl-site-header__language-link-label" lang="da">dansk</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_de" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="de" ><span class="ecl-site-header__language-link-code">de</span><span class="ecl-site-header__language-link-label" lang="de">Deutsch</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_et" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="et" ><span class="ecl-site-header__language-link-code">et</span><span class="ecl-site-header__language-link-label" lang="et">eesti</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_el" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="el" ><span class="ecl-site-header__language-link-code">el</span><span class="ecl-site-header__language-link-label" lang="el">ελληνικά</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_en" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="en" ><span class="ecl-site-header__language-link-code">en</span><span class="ecl-site-header__language-link-label" lang="en">English</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_fr" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="fr" ><span class="ecl-site-header__language-link-code">fr</span><span class="ecl-site-header__language-link-label" lang="fr">français</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_ga" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="ga" ><span class="ecl-site-header__language-link-code">ga</span><span class="ecl-site-header__language-link-label" lang="ga">Gaeilge</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_hr" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="hr" ><span class="ecl-site-header__language-link-code">hr</span><span class="ecl-site-header__language-link-label" lang="hr">hrvatski</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_it" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="it" ><span class="ecl-site-header__language-link-code">it</span><span class="ecl-site-header__language-link-label" lang="it">italiano</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_lv" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="lv" ><span class="ecl-site-header__language-link-code">lv</span><span class="ecl-site-header__language-link-label" lang="lv">latviešu</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_lt" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="lt" ><span class="ecl-site-header__language-link-code">lt</span><span class="ecl-site-header__language-link-label" lang="lt">lietuvių</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_hu" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="hu" ><span class="ecl-site-header__language-link-code">hu</span><span class="ecl-site-header__language-link-label" lang="hu">magyar</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_mt" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="mt" ><span class="ecl-site-header__language-link-code">mt</span><span class="ecl-site-header__language-link-label" lang="mt">Malti</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link ecl-site-header__language-link--active" hreflang="nl" ><span class="ecl-site-header__language-link-code">nl</span><span class="ecl-site-header__language-link-label" lang="nl">Nederlands</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_pl" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="pl" ><span class="ecl-site-header__language-link-code">pl</span><span class="ecl-site-header__language-link-label" lang="pl">polski</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_pt" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="pt" ><span class="ecl-site-header__language-link-code">pt</span><span class="ecl-site-header__language-link-label" lang="pt">português</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_ro" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="ro" ><span class="ecl-site-header__language-link-code">ro</span><span class="ecl-site-header__language-link-label" lang="ro">română</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_sk" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="sk" ><span class="ecl-site-header__language-link-code">sk</span><span class="ecl-site-header__language-link-label" lang="sk">slovenčina</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_sl" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="sl" ><span class="ecl-site-header__language-link-code">sl</span><span class="ecl-site-header__language-link-label" lang="sl">slovenščina</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_fi" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="fi" ><span class="ecl-site-header__language-link-code">fi</span><span class="ecl-site-header__language-link-label" lang="fi">suomi</span></a></li><li class="ecl-site-header__language-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_sv" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-site-header__language-link" hreflang="sv" ><span class="ecl-site-header__language-link-code">sv</span><span class="ecl-site-header__language-link-label" lang="sv">svenska</span></a></li></ul></div></div></div></div> <div class="ecl-site-header__search-container" role="search"> <a class="ecl-button ecl-button--tertiary ecl-site-header__search-toggle" href="" data-ecl-search-toggle="true" aria-controls="oe-search-search-form" aria-expanded="false" ><svg class="ecl-icon ecl-icon--s ecl-site-header__icon" focusable="false" aria-hidden="true" role="img"><use xlink:href="/themes/contrib/oe_theme/dist/ec/images/icons/sprites/icons.svg#search"></use></svg>Zoeken </a> <form class="ecl-search-form ecl-site-header__search" role="search" action="/legal-notice/vulnerability-disclosure-policy_nl" method="post" id="oe-search-search-form" accept-charset="UTF-8" data-ecl-search-form ><div class="ecl-form-group"><label for="edit-keys" id="edit-keys-label" class="ecl-form-label ecl-search-form__label" >Zoeken</label><input id="edit-keys" class="ecl-text-input ecl-text-input--m ecl-search-form__text-input form-search ecl-search-form__text-input" name="keys" type="search" ></div><button class="ecl-button ecl-button--ghost ecl-search-form__button ecl-search-form__button" type="submit" ><span class="ecl-button__container"><svg class="ecl-icon ecl-icon--xs ecl-button__icon" focusable="false" aria-hidden="true" data-ecl-icon><use xlink:href="/themes/contrib/oe_theme/dist/ec/images/icons/sprites/icons.svg#search"></use></svg><span class="ecl-button__label" data-ecl-label="true">Zoeken</span></span></button><input data-drupal-selector="form-bf4n7odovbsf9lyl-nqx6hchpijv8sns-fmibuud5ck" type="hidden" name="form_build_id" value="form-BF4n7OdoVbsF9lYl-Nqx6HCHpiJV8Sns_Fmibuud5Ck" /><input data-drupal-selector="edit-oe-search-search-form" type="hidden" name="form_id" value="oe_search_search_form" /></form> <script type="application/json">{"service":"search","results":"in","form":".ecl-search-form","lang":"nl","key":"europa_default"}</script> </div> </div> </div> </div> </div> </div> <div id="block-ewcms-theme-horizontal-menu"> </div> </header> <div class="ecl-u-mb-2xl" id="block-ewcms-theme-page-header"> <div class="ecl-page-header" ><div class="ecl-container"><nav class="ecl-breadcrumb ecl-page-header__breadcrumb" aria-label="U bent hier:" aria-label="" data-ecl-breadcrumb="true" ><ol class="ecl-breadcrumb__container"><li class="ecl-breadcrumb__segment" data-ecl-breadcrumb-item="static"><a href="/index_nl" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-breadcrumb__link" >Home</a><svg class="ecl-icon ecl-icon--fluid ecl-breadcrumb__icon" focusable="false" aria-hidden="true" role="presentation"><use xlink:href="/themes/contrib/oe_theme/dist/ec/images/icons/sprites/icons.svg#corner-arrow"></use></svg></li><li class="ecl-breadcrumb__segment" data-ecl-breadcrumb-item="static"><a href="/legal-notice_nl" class="ecl-link ecl-link--standalone ecl-link--no-visited ecl-breadcrumb__link" >Juridische mededeling</a><svg class="ecl-icon ecl-icon--fluid ecl-breadcrumb__icon" focusable="false" aria-hidden="true" role="presentation"><use xlink:href="/themes/contrib/oe_theme/dist/ec/images/icons/sprites/icons.svg#corner-arrow"></use></svg></li><li class="ecl-breadcrumb__segment ecl-breadcrumb__current-page" data-ecl-breadcrumb-item="static" aria-current="page"><span>Beleid inzake openbaarmaking van kwetsbaarheden</span></li></ol></nav><div class="ecl-page-header__info"><h1 class="ecl-page-header__title"><span>Beleid inzake openbaarmaking van kwetsbaarheden</span></h1></div></div></div> </div> <main class="ecl-u-pb-xl" id="main-content" data-inpage-navigation-source-area="h2.ecl-u-type-heading-2, div.ecl-featured-item__heading"> <div class="ecl-container"> <div class="ecl-row"> <div class="ecl-col-s-12 ewcms-top-sidebar"> <div> <div data-drupal-messages-fallback class="hidden"></div> </div> </div> </div> <div class="ecl-row"> <div class="ecl-col-s-12"> <div id="block-ewcms-theme-main-page-content" data-inpage-navigation-source-area="h2, div.ecl-featured-item__heading" class="ecl-u-mb-l"> <article dir="ltr"> <div> <div class="ecl-u-mb-2xl"> <a id="paragraph_40227"></a> <h2 class="ecl-u-type-heading-2">Inleiding</h2> <div class="ecl"><p>Bij de Europese Commissie is de beveiliging van onze communicatie- en informatiesystemen een topprioriteit, in overeenstemming met <a href="https://eur-lex.europa.eu/legal-content/NL/TXT/?uri=CELEX%3A32017D0046">Besluit (EG) nr. 2017/46 van de Commissie</a>.</p> <p>Kwetsbaarheden kunnen echter nooit volledig worden uitgesloten, ondanks alle inspanningen. Wanneer kwetsbaarheden worden ontdekt en uitgebuit, brengt dit de vertrouwelijkheid, integriteit of beschikbaarheid van de systemen van de Europese Commissie en de daarin verwerkte informatie in gevaar.</p> <p>In dit beleid inzake de openbaarmaking van kwetsbaarheden wordt beschreven welke systemen en soorten tests zijn toegestaan en hoe kwetsbaarheidsverslagen moeten worden verzonden. Wij raden u aan contact met ons op te nemen om mogelijke veiligheidsproblemen in onze systemen te melden.</p></div> </div> <div class="ecl-u-mb-2xl"> <a id="paragraph_40874"></a> <h2 class="ecl-u-type-heading-2">Machtiging</h2> <div class="ecl"><p>Als u te goeder trouw handelt om kwetsbaarheden in de systemen van de Europese Commissie op te sporen en te melden in overeenstemming met dit beleid, zullen wij met u samenwerken om de problemen snel te begrijpen en op te lossen.<br> De Europese Commissie zal geen gerechtelijke stappen ondernemen in verband met uw activiteiten om kwetsbaarheden in onze systemen vast te stellen zolang u de richtlijnen van dit beleid volgt.</p></div> </div> <div class="ecl-u-mb-2xl"> <a id="paragraph_40228"></a> <h2 class="ecl-u-type-heading-2">Toepassingsgebied</h2> <div class="ecl"><p>Dit beleid is van toepassing op alle internetsystemen van de Europese Commissie, waaronder:</p> <ul> <li>alle websites van de Europese Commissie <ul> <li>*.ec.europa.eu/*</li> <li>*.commission.europa.eu/*</li> </ul> </li> <li>in het kader van ASN 42848 geadverteerde openbare IP’s en bijbehorende diensten</li> <li>andere door de Europese Commissie gepubliceerde software</li> </ul> <p>Diensten die hierboven niet uitdrukkelijk zijn vermeld, zijn van het toepassingsgebied uitgesloten en mogen niet worden getest.<br> Bovendien zijn kwetsbaarheden die in systemen van verkopers worden aangetroffen, ook uitgesloten van het toepassingsgebied en moeten deze rechtstreeks aan de verkoper worden gemeld overeenkomstig hun eigen openbaarmakingsbeleid (indien van toepassing).</p></div> </div> <div class="ecl-u-mb-2xl"> <a id="paragraph_40229"></a> <h2 class="ecl-u-type-heading-2">Richtlijnen</h2> <div class="ecl"><h3>Bij het uitvoeren van uw activiteiten is het absoluut noodzakelijk dat u:</h3> <ul> <li>geen gebruik maakt van de kwetsbaarheid of het probleem dat u heeft ontdekt, bijvoorbeeld door meer gegevens te downloaden dan nodig is om de kwetsbaarheid aan te tonen, gegevens van anderen te wissen of te wijzigen</li> <li>alleen onschadelijke handelingen uitvoert om te bevestigen dat er sprake is van kwetsbaarheid</li> <li>tijdens de ontdekking gedownloade gegevens niet openbaar maakt of aan andere partijen onthult</li> <li>de kwetsbaarheid of het probleem pas openbaar maakt of aan andere partijen meldt na de oplossing ervan</li> <li>uw tests stopzet wanneer u gevoelige informatie ontdekt (persoonlijk identificeerbare informatie, medische, financiële, door eigendomsrechten beschermde informatie of bedrijfsgeheimen), dit onmiddellijk aan ons meldt en geen verkregen gegevens aan anderen bekendmaakt</li> </ul> <h3>Voer de volgende handelingen niet uit :</h3> <ul> <li>malware (virus, worm, Trojaans paard enz.) op een systeem plaatsen</li> <li>systemen compromitteren door er volledige of gedeeltelijke controle over te verkrijgen</li> <li>gegevens uit het systeem kopiëren, wijzigen of verwijderen</li> <li>wijzigingen aanbrengen in het systeem</li> <li>herhaaldelijk toegang krijgen tot het systeem of delen met het publiek of andere partijen</li> <li>verkregen toegang gebruiken om toegang te krijgen tot andere systemen</li> <li>toegangsrechten van andere gebruikers wijzigen</li> <li>geautomatiseerde scanners gebruiken</li> <li>met “bruut geweld” toegang krijgen tot een systeem</li> <li>denial-of-service of social engineering (phishing, vishing, spam enz.)</li> <li>aanvallen op fysieke beveiliging</li> </ul></div> </div> <div class="ecl-u-mb-2xl"> <a id="paragraph_40230"></a> <h2 class="ecl-u-type-heading-2">Een kwetsbaarheid melden</h2> <div class="ecl"><h3>Wat we van u willen zien</h3> <p>Hebt u een kwetsbaarheid vastgesteld, gelieve dan</p> <ul> <li>uw bevindingen zo snel mogelijk naar <span class="spamspan" data-spamspan-class="ecl-link"><span class="u">EC-VULNERABILITY-DISCLOSURE</span><img class="spamspan-image" alt="at" src="/modules/contrib/spamspan/image.gif"><span class="d">ec<span class="o"> [dot] </span>europa<span class="o"> [dot] </span>eu</span><span class="t"> (EC-VULNERABILITY-DISCLOSURE[at]ec[dot]europa[dot]eu)</span></span> te sturen, met vermelding of u er al dan niet mee instemt dat uw naam of pseudoniem openbaar wordt gemaakt als ontdekker van het probleem.</li> <li>uw bevindingen met behulp van onze <a href="https://ec.europa.eu/assets/digit/pgpkey/ec-vulnerability-disclosure-pgp.txt" class="ecl-link">PGP-sleutel</a> te versleutelen om te voorkomen dat deze kritieke informatie in de verkeerde handen valt</li> <li>ons voldoende informatie te geven om het probleem te reproduceren, zodat het zo snel mogelijk kan worden opgelost. Doorgaans volstaan het IP-adres of de URL van het getroffen systeem en een beschrijving van de kwetsbaarheid, maar complexe kwetsbaarheden kunnen nadere uitleg vereisen in termen van technische informatie of potentiële proof-of-conceptcode.</li> <li>uw verslag bij voorkeur in het Engels op te stellen, of in een andere officiële taal van de Europese Unie</li> </ul></div> </div> <div class="ecl-u-mb-2xl"> <a id="paragraph_40231"></a> <div class="ecl"><h3>Wat u van ons kunt verwachten</h3> <p>In ruil daarvoor beloven wij het volgende wanneer u ons een kwetsbaarheid meldt:</p> <ul> <li>we reageren binnen drie (3) werkdagen op uw verslag met onze evaluatie ervan</li> <li>we behandelen uw verslag strikt vertrouwelijk</li> <li>we stellen u zo mogelijk op de hoogte wanneer de kwetsbaarheid is verholpen</li> <li>we verwerken de persoonsgegevens die u verstrekt (zoals uw e-mailadres en uw naam) in overeenstemming met de toepasselijke wetgeving inzake gegevensbescherming en geven uw persoonsgegevens niet zonder uw toestemming aan derden door</li> <li>we publiceren uw naam als ontdekker van het probleem, als u hiermee akkoord bent gegaan in uw eerste e-mail, wanneer en indien wij het probleem openbaar maken</li> </ul></div> </div> </div> </article> </div> </div> </div> <div class="ecl-row"> <div class="ecl-col-s-12"> <div> <div id="block-ewcms-theme-socialshare"> <div class="ecl-social-media-share"> <p class="ecl-social-media-share__description"> Delen </p> <script type="application/json">{"service":"share","version":"2.0","networks":["twitter","facebook","linkedin","email","more"],"display":"icons","stats":true,"selection":true}</script> </div> </div> </div> </div> </div> </div> </main> <div id="block-ewcms-theme-pagefeedbackform"> <script type="application/json">{"service":"dff","id":"mKCuJxpV_dff_v2","lang":"nl","version":"2.0"}</script> </div> <footer class="ecl-site-footer ecl-site-footer--split-columns" data-logo-area-label-en="Home - European Commission" ><div class="ecl-container ecl-site-footer__container"><div class="ecl-site-footer__row"><div class="ecl-site-footer__column"><div class="ecl-site-footer__section"><a href="https://commission.europa.eu/index_nl" class="ecl-link ecl-link--standalone ecl-site-footer__logo-link" ><picture class="ecl-picture ecl-site-footer__picture" title="Europese Commissie" ><source srcset="/themes/contrib/oe_theme/dist/ec/images/logo/negative/logo-ec--nl.svg" media="(min-width: 996px)" ><img class="ecl-site-footer__logo-image" src="/themes/contrib/oe_theme/dist/ec/images/logo/negative/logo-ec--nl.svg" alt="Logo van de Europese Commissie" ></picture></a><div class="ecl-site-footer__description">Deze site wordt beheerd door:<br />Directoraat-generaal Communicatie</div></div></div><div class="ecl-site-footer__column"><div class="ecl-site-footer__section ecl-site-footer__section--separator"><ul class="ecl-site-footer__list ecl-site-footer__list--columns"><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/strategy_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Strategy" >Strategie</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/about-european-commission_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="About the European Commission" >Over de Europese Commissie</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/business-economy-euro_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Business, Economy, Euro" >Handel, economie, euro</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/live-work-travel-eu_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Live, work, travel in the EU" >Wonen, werken en reizen in de EU</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/law_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Law" >Wetgeving</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/funding-tenders_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Funding, Tenders" >Subsidies, leningen, aanbestedingen</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/research-and-innovation_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Research and innovation" >Onderzoek en innovatie</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/energy-climate-change-environment_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Energy, Climate change, Environment" >Energie, klimaatverandering, milieu</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/education_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Education" >Onderwijs</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/aid-development-cooperation-fundamental-rights_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Aid, Development cooperation, Fundamental rights" >Noodhulp, ontwikkelingssamenwerking, grondrechten</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/food-farming-fisheries_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Food, Farming, Fisheries" >Voedsel, landbouw, visserij</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/eu-regional-and-urban-development_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="EU regional and urban development" >Platteland, steden, regio's</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/jobs-european-commission_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Jobs at the European Commission" >Werken voor de Europese Commissie</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/statistics_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Statistics" >Statistieken</a></li><li class="ecl-site-footer__list-item"><a href="https://ec.europa.eu/commission/presscorner/home/nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Press Corner" >Pershoek</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/events_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Events" >Evenementen</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/publications_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="class_navigation" data-footer-link-label="Publications" >Publicaties</a></li></ul></div><div class="ecl-site-footer__section"><ul class="ecl-site-footer__list"><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/about-european-commission/contact_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="service_navigation" data-footer-link-label="Contact the European Commission" >Contact met de Europese Commissie</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/accessibility-statement_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-is-accessibility-link="true" >Toegankelijkheid</a></li><li class="ecl-site-footer__list-item"><a href="https://european-union.europa.eu/contact-eu/social-media-channels_nl#/search?page=0&institutions=european_commission" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="service_navigation" data-footer-link-label="Follow the European Commission on social media" >Volg de Europese Commissie op sociale media</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/resources-partners_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="service_navigation" data-footer-link-label="Resources for partners" >Bronmateriaal voor partners</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/legal-notice/vulnerability-disclosure-policy_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="service_navigation" data-footer-link-label="Report an IT vulnerability" >Een IT-kwetsbaarheid melden</a></li></ul></div><div class="ecl-site-footer__section"><ul class="ecl-site-footer__list"><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/languages-our-websites_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="legal_navigation" data-footer-link-label="Languages on our websites" >Talen op onze websites</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/cookies_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="legal_navigation" data-footer-link-label="Cookies" >Cookies</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/privacy-policy_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="legal_navigation" data-footer-link-label="Privacy policy" >Privacybeleid</a></li><li class="ecl-site-footer__list-item"><a href="https://commission.europa.eu/legal-notice_nl" class="ecl-link ecl-link--standalone ecl-link--inverted ecl-site-footer__link" data-section-label-untranslated="legal_navigation" data-footer-link-label="Legal notice" >Juridische mededeling</a></li></ul></div></div></div></div></footer> </div> <script type="application/json">{"utility":"piwik","siteID":"0ccd2154-5091-4eff-83f3-1b423f81600c","sitePath":["commission.europa.eu"],"instance":"ec","dimensions":[{"id":3,"value":"Landing Page"},{"id":4,"value":"cybersecurity data-protection"},{"id":5,"value":"Directorate-General-for-Communication"},{"id":6,"value":"Vulnerability Disclosure Policy (VDP)"},{"id":7,"value":"2bbdb661-0737-4eba-83e9-ecb86d3797cc"},{"id":8,"value":"EC - CORE"},{"id":9,"value":"cybersecurity data-processing data-protection information-policy"}]}</script> <script type="application/json">{"utility":"cck"}</script> <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"","currentPath":"node\/30306","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"nl","urlSuffixes":["bg","es","cs","da","de","et","el","en","fr","ga","hr","it","lv","lt","hu","mt","nl","pl","pt","ro","sk","sl","fi","sv","ar","ca","is","lb","no","tr","ru","uk","zh","sw","he","ja"]},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"ajaxTrustedUrl":{"form_action_p_pvdeGsVG5zNF_XLGPTvYSKCf43t8qZYSwcfZl2uzM":true},"user":{"uid":0,"permissionsHash":"cba3110261ccc4cd2f2834d1ff2caeb969cefcaec065dc43ab970f003788644f"}}</script> <script src="/sites/default/files/js/js_yNlrJxClwkJ3OT1q2wMgyFwTXgWnkonXKxAy9EWP_RU.js?scope=footer&delta=0&language=nl&theme=ewcms_theme&include=eJxVjeEKg0AMg1_IzUcqtXZ60Gul7el8-x1DGfsRSPhCYgwHT2kmMc7eNpTnnR9R0VMMZ_bBGHLlyiNZ3UxZE6RMjn4C04_yO9kVBWJfBj6oxg2-Hjs6s1BcrDbJIkWXhnJVKtJatO85aghmMQW1frbz_yBBNN_5HGLD2qWjTa8WhMkfpghVbQ"></script> <script src="https://webtools.europa.eu/load.js" defer></script> <script src="/sites/default/files/js/js_fyAWnf14Pu8o-ylCl14AU8241iQASci_Cuz5-1xoprA.js?scope=footer&delta=2&language=nl&theme=ewcms_theme&include=eJxVjeEKg0AMg1_IzUcqtXZ60Gul7el8-x1DGfsRSPhCYgwHT2kmMc7eNpTnnR9R0VMMZ_bBGHLlyiNZ3UxZE6RMjn4C04_yO9kVBWJfBj6oxg2-Hjs6s1BcrDbJIkWXhnJVKtJatO85aghmMQW1frbz_yBBNN_5HGLD2qWjTa8WhMkfpghVbQ"></script> <script src="https://ec.europa.eu/wel/surveys/wr_survey01/wr_survey.js" defer></script> <script src="/sites/default/files/js/js_qikC1k8zI4HV8EF6GLFir29mS7XyapHyr32zCIQIkzc.js?scope=footer&delta=4&language=nl&theme=ewcms_theme&include=eJxVjeEKg0AMg1_IzUcqtXZ60Gul7el8-x1DGfsRSPhCYgwHT2kmMc7eNpTnnR9R0VMMZ_bBGHLlyiNZ3UxZE6RMjn4C04_yO9kVBWJfBj6oxg2-Hjs6s1BcrDbJIkWXhnJVKtJatO85aghmMQW1frbz_yBBNN_5HGLD2qWjTa8WhMkfpghVbQ"></script> </body> </html>