Politica de Divulgare a Vulnerabilitatilor
Nota: Acesta este un document juridic disponibil exclusiv in limba engleza pentru a asigura acuratetea juridica. Mai jos vei gasi un rezumat in limba romana.
Rezumat
Daca descoperi o vulnerabilitate de securitate in sistemele noastre:
- Raporteaz-o prin e-mail la mike@lovd.app
- Descrie vulnerabilitatea in detaliu, incluzand pasii de reproducere
- Acorda-ne timp rezonabil sa raspundem inainte de divulgarea publica
- Angajamentul nostru: Confirmare in 48 de ore, actualizari regulate si protectie impotriva actiunilor legale
In afara domeniului de aplicare: Atacuri DoS, spam, inginerie sociala, atacuri fizice si aplicatii terte.
Politica completa de Divulgare a Vulnerabilitatilor (engleza)
At lovd, we take security seriously. We appreciate the security research community and believe in responsible disclosure of security vulnerabilities.
Reporting a Vulnerability
If you believe you've discovered a security vulnerability in our systems, please follow these steps:
- Email us at mike@lovd.app with a detailed description of the vulnerability.
- Include steps to reproduce the issue
- Provide any proof-of-concept code if applicable
- Allow us reasonable time to respond and address the issue before public disclosure
Our Commitment
When working with us, you can expect:
- Acknowledgment of your report within 48 hours
- Regular updates on the progress of your report
- Recognition for your contribution (if desired)
- Protection from legal action when following our responsible disclosure policy
Scope
This policy applies to all lovd products and services, including:
- Our web applications and APIs
- Mobile applications
- Infrastructure components
Out of Scope
The following are not considered valid vulnerabilities under this policy:
- Denial of Service (DoS) attacks
- Spam or social engineering attacks
- Physical security attacks
- Third-party applications or websites