
ISO/IEC FDIS 24772-1

Programming languages — Avoiding vulnerabilities in programming languages — Part 1: Language-independent catalogue of vulnerabilities

General information

50.20     Jun 19, 2024

ISO/IEC

ISO/IEC JTC 1/SC 22

International Standard

35.060  

Scope

This document catalogues common software programming language vulnerabilities and their mitigations in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application.
This document is Part 1 of a series. Vulnerabilities and their mitigations are described in this document in a generic manner that is applicable to a broad range of programming languages.
This document is supplemented by other Parts in this series that describe how vulnerabilities catalogued in this document arise and how they can be mitigated in specific programming languages, such as C, C++, Ada, Java, Python, SPARK, and Fortran.

Life cycle

PREVIOUSLY

PUBLISHED
ISO/IEC TR 24772-1:2019

NOW

PROJECT
ISO/IEC FDIS 24772-1
50.20 Proof sent to secretariat or FDIS ballot initiated: 8 weeks
Jun 19, 2024
