Cyber Posture

CWE · MITRE source

CWE-1284Improper Validation of Specified Quantity in Input

Abstraction: Base · CVEs in our corpus: 295

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Specified quantities include size, length, frequency, price, rate, number of operations, time, and others. Code may rely on specified quantities to allocate resources, perform calculations, control iteration, etc.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2022-20699 KEV9.410.00.90022022-02-10
CVE-2021-432676.39.80.72622021-11-02
CVE-2025-93164.30.00.71422025-11-12
CVE-2010-3904 KEV3.77.80.01622010-12-06
CVE-2008-14403.00.00.50592008-06-12
CVE-2008-23742.39.80.06442008-07-07
CVE-2022-316292.26.50.15422022-09-28
CVE-2009-44882.19.80.01842010-01-13
CVE-2021-219502.110.00.00882021-12-08
CVE-2021-219512.110.00.00882021-12-08
CVE-2021-219602.110.00.02272022-02-04
CVE-2022-371342.19.80.01862022-08-22
CVE-2022-369382.19.80.02012022-11-11
CVE-2021-315562.09.80.00662021-08-12
CVE-2022-203852.09.80.00152022-09-13
CVE-2022-257272.09.80.00322022-11-15
CVE-2024-88872.010.00.00072024-09-18
CVE-2024-16102.09.80.00592024-12-18
CVE-2025-553982.09.80.00122025-08-22
CVE-2026-33812.09.80.00032026-03-05
CVE-2026-253452.09.90.00082026-03-25
CVE-2024-93691.99.60.00142024-11-27
CVE-2026-334711.99.60.00032026-04-22
CVE-2021-313461.88.20.02502021-11-09
CVE-2021-219431.88.80.01182022-04-14