ISO/IEC NP 24772-8

Information technology — Programming languages — Guidance to avoiding vulnerabilities in programming languages — Part 8: Catalogue of vulnerabilities for the programming language Fortran ISO/IEC NP 24772-8

General information

Current stage: 10.20 New project ballot initiated Jan 3, 2025

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 22 Programming languages, their environments and system software interfaces

Type: International Standard

Scope

This document itemizes programming language vulnerabilities in Fortran to be avoided in the
development of systems where assured behaviour is required for security, safety, mission-critical and
business-critical software. In general, this need for assured behaviour is applicable to the software
developed, reviewed, or maintained for any application.
This document explains how the vulnerabilities catalogued in ISO/IEC 24772-1:2024 “Programming
languages -- Avoiding vulnerabilities in programming languages -- Part 1: “Language-independent
catalogue of vulnerabilities” manifest in Fortran and documents mechanisms that can be used to
avoid the vulnerabilities.

Life cycle

NOW

IN_DEVELOPMENT
ISO/IEC NP 24772-8
10.20 New project ballot initiated
Jan 3, 2025