BaseIncomplete

CWE-1285Improper Validation of Specified Index, Position, or Offset in Input

Category: other

Description

The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.

Common consequences· 1

  • Other — Varies by Context

Potential mitigations· 1

  • [Implementation]

References

  1. https://cwe.mitre.org/data/definitions/1285.html

(incoming)6

TypeTargetConfidenceTier
VulnerabilityCVE-2025-3357cve-2025-33570%live
VulnerabilityCVE-2025-3755cve-2025-37550%live
VulnerabilityCVE-2025-55086cve-2025-550860%live
VulnerabilityCVE-2026-33557cve-2026-335570%live
KEVEntryMicrosoft Defender Remote Code Execution Vulnerabilitykev-cve-2021-16470%live
KEVEntryMicrosoft Windows CLFS Driver Privilege Escalation Vulnerabilitykev-cve-2022-245210%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Validation of Array Index
CWE
Improper Input Validation
CWE
Improper Validation of Specified Type of Input
CWE
Improper Handling of Syntactically Invalid Structure
CWE
Improper Validation of Syntactic Correctness of Input
CWE
Improper Validation of Unsafe Equivalence in Input
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.