标准摘要
[中文适用范围]: 本技术报告指定了在安全性、安全性、任务关键型和业务关键型软件需要有保证行为的系统开发中应避免的软件编程语言漏洞。 一般来说,本指南适用于为任何应用程序开发、审查或维护的软件。 漏洞以适用于多种编程语言的通用方式进行描述。 [外文原描述]: ISO/IEC TR 24772:2010 specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission critical and business critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application. Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.
英文名称Information technology - Programming languages - Guidance to avoiding vulnerabilities in programming languages through language selection and use