Cyber Posture

CWE · MITRE source

CWE-1284Improper Validation of Specified Quantity in Input

Abstraction: Base · CVEs in our corpus: 301

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Specified quantities include size, length, frequency, price, rate, number of operations, time, and others. Code may rely on specified quantities to allocate resources, perform calculations, control iteration, etc.

Last updated: 19 May 2026 14:18 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2022-20699 KEV9.410.00.89402022-02-10
CVE-2021-432676.39.80.72622021-11-02
CVE-2025-93164.30.00.71422025-11-12
CVE-2010-3904 KEV UPD3.77.80.02082010-12-06
CVE-2008-1440 UPD3.00.00.50592008-06-12
CVE-2008-2374 UPD2.39.80.06442008-07-07
CVE-2022-316292.26.50.15422022-09-28
CVE-2009-44882.19.80.01842010-01-13
CVE-2021-219502.110.00.00882021-12-08
CVE-2021-219512.110.00.00882021-12-08
CVE-2021-219602.110.00.02272022-02-04
CVE-2022-371342.19.80.01862022-08-22
CVE-2022-369382.19.80.02012022-11-11
CVE-2021-315562.09.80.00662021-08-12
CVE-2022-203852.09.80.00152022-09-13
CVE-2022-257272.09.80.00322022-11-15
CVE-2024-88872.010.00.00072024-09-18
CVE-2024-16102.09.80.00802024-12-18
CVE-2025-553982.09.80.00142025-08-22
CVE-2026-33812.09.80.00042026-03-05
CVE-2026-25345 UPD2.09.90.00082026-03-25
CVE-2024-93691.99.60.00142024-11-27
CVE-2026-334711.99.60.00032026-04-22
CVE-2021-313461.88.20.02502021-11-09
CVE-2021-219431.88.80.01182022-04-14