Some Programming Languages Are More Susceptible to Security Flaws

Veracode has published a new “State of Software Security” report, which confirms what many developers and security experts have long suspected: some programming languages are more susceptible to certain security vulnerabilities than others. For example, C/C++ applications are more likely to have buffer overflow problems. In fact, 48 percent of C/C++ applications submitted to Veracode for analysis had buffer overflow flaws, compared to just 1 percent of .NET applications.

Veracode’s Chris Eng explained, “Languages such as C/C++ are not type safe languages…. In C/C++, the programmer has to keep track of the type and space with no help from the language or compiler, allowing flaws to creep into the software. Languages such as .Net are type safe, so you will see a much lower occurrence of buffer overflow flaws.”

The report also found that the prevalence of SQL injection flaws varied by programming language. For example, 72 percent of ColdFusion applications had SQL injection vulnerabilities, compared to 31 percent of Java applications and 27 percent of PHP applications.
