BaseIncomplete

CWE-1284Improper Validation of Specified Quantity in Input

Category: other

Description

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Common consequences· 1

  • Other / Integrity / Availability — Varies by Context, DoS: Resource Consumption (CPU), Modify Memory, Read Memory
    When the quantity is not properly validated, then attackers can specify malicious quantities to cause excessive resource allocation, trigger unexpected failures, enable buffer overflows, etc.

Potential mitigations· 1

  • [Implementation]

References

  1. https://cwe.mitre.org/data/definitions/1284.html

(incoming)18

TypeTargetConfidenceTier
VulnerabilityCVE-2025-0286cve-2025-02860%live
VulnerabilityCVE-2025-36094cve-2025-360940%live
VulnerabilityCVE-2025-43964cve-2025-439640%live
VulnerabilityCVE-2025-5349cve-2025-53490%live
VulnerabilityCVE-2025-55398cve-2025-553980%live
VulnerabilityCVE-2025-65548cve-2025-655480%live
VulnerabilityCVE-2025-8320cve-2025-83200%live
VulnerabilityCVE-2026-21485cve-2026-214850%live
VulnerabilityCVE-2026-25345cve-2026-253450%live
VulnerabilityCVE-2026-27384cve-2026-273840%live
VulnerabilityCVE-2026-31970cve-2026-319700%live
VulnerabilityCVE-2026-31971cve-2026-319710%live
VulnerabilityCVE-2026-33471cve-2026-334710%live
VulnerabilityCVE-2026-3381cve-2026-33810%live
VulnerabilityCVE-2026-40093cve-2026-400930%live
VulnerabilityCVE-2026-41677cve-2026-416770%live
VulnerabilityCVE-2026-42013cve-2026-420130%live
VulnerabilityCVE-2026-5260cve-2026-52600%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Input Validation
CWE
Improper Validation of Specified Type of Input
CWE
Improper Validation of Consistency within Input
CWE
Numeric Range Comparison Without Minimum Check
CWE
Improper Handling of Values
CWE
Improper Validation of Syntactic Correctness of Input
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.