CWE-1284βImproper Validation of Specified Quantity in Input
PUBLISHEDweakness record
released 2020-02-24 Β· last modified 2026-04-30
Metadata
Weakness Name
Improper Validation of Specified Quantity in Input
Description
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
Specified quantities include size, length, frequency, price, rate, number of operations, time, and others. Code may rely on specified quantities to allocate resources, perform calculations, control iteration, etc.