ISO/IEC TR 24772:2010

Information technology -- Programming languages -- Guidance to avoiding vulnerabilities in programming languages through language selection and use

The electronic version of this International Standard can be downloaded from the ISO/IEC Information Technology Task Force (ITTF) web site

ISO/IEC TR 24772:2010 specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission critical and business critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application. Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.


General information

  • Current status : Withdrawn
    Publication date : 2010-10
  • Edition : 1
    Number of pages :
  • :
    ISO/IEC JTC 1/SC 22
    Programming languages, their environments and system software interfaces
  • 35.060
    Languages used in information technology

Got a question?

Check out our FAQs


Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)