CWE-1284
AllowedImproper Validation of Specified Quantity in Input
Abstraction: Base · Status: Incomplete
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
493 vulnerabilities reference this CWE, most recent first.
GHSA-QG44-88JP-H8XV
Vulnerability from github – Published: 2026-06-12 09:31 – Updated: 2026-06-12 09:31The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope.
{
"affected": [],
"aliases": [
"CVE-2026-12059"
],
"database_specific": {
"cwe_ids": [
"CWE-1284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-12T07:16:19Z",
"severity": "HIGH"
},
"details": "The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope.",
"id": "GHSA-qg44-88jp-h8xv",
"modified": "2026-06-12T09:31:55Z",
"published": "2026-06-12T09:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12059"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/en/cp-139-10965-3ce75-2.html"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/tw/cp-132-10966-3258e-1.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QHHP-8CC7-VF7W
Vulnerability from github – Published: 2022-06-21 00:00 – Updated: 2023-06-26 18:30NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.
{
"affected": [],
"aliases": [
"CVE-2021-45918"
],
"database_specific": {
"cwe_ids": [
"CWE-122",
"CWE-1284",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-20T06:15:00Z",
"severity": "HIGH"
},
"details": "NHI\u2019s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.",
"id": "GHSA-qhhp-8cc7-vf7w",
"modified": "2023-06-26T18:30:21Z",
"published": "2022-06-21T00:00:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45918"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/tw/cp-132-6227-eaf49-1.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQXR-MG6R-R64P
Vulnerability from github – Published: 2024-02-14 00:35 – Updated: 2024-02-14 00:35Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
{
"affected": [],
"aliases": [
"CVE-2024-24690"
],
"database_specific": {
"cwe_ids": [
"CWE-1284",
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-14T00:15:47Z",
"severity": "MODERATE"
},
"details": "Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.\n",
"id": "GHSA-qqxr-mg6r-r64p",
"modified": "2024-02-14T00:35:42Z",
"published": "2024-02-14T00:35:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24690"
},
{
"type": "WEB",
"url": "https://www.zoom.com/en/trust/security-bulletin/ZSB-24007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-QV2F-765Q-7WRF
Vulnerability from github – Published: 2024-05-20 12:30 – Updated: 2025-11-04 00:30In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sock: Fix not validating setsockopt user input
Check user input length before copying data.
{
"affected": [],
"aliases": [
"CVE-2024-35963"
],
"database_specific": {
"cwe_ids": [
"CWE-1284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-20T10:15:11Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sock: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"id": "GHSA-qv2f-765q-7wrf",
"modified": "2025-11-04T00:30:48Z",
"published": "2024-05-20T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35963"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0c18a64039aa3f1c16f208d197c65076da798137"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/50173882bb187e70e37bac01385b9b114019bee2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/781f3a97a38a338bc893b6db7f9f9670bf1a9e37"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b2186061d6043d6345a97100460363e990af0d46"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QVV7-6WF2-WR97
Vulnerability from github – Published: 2024-05-17 09:31 – Updated: 2024-05-17 09:31Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout (Accept PayPal Payments) allows Manipulating Hidden Fields.This issue affects WP Express Checkout (Accept PayPal Payments): from n/a through 2.3.7.
{
"affected": [],
"aliases": [
"CVE-2024-30527"
],
"database_specific": {
"cwe_ids": [
"CWE-1284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T09:15:30Z",
"severity": "HIGH"
},
"details": "Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout (Accept PayPal Payments) allows Manipulating Hidden Fields.This issue affects WP Express Checkout (Accept PayPal Payments): from n/a through 2.3.7.",
"id": "GHSA-qvv7-6wf2-wr97",
"modified": "2024-05-17T09:31:02Z",
"published": "2024-05-17T09:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30527"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/wp-express-checkout/wordpress-wp-express-checkout-plugin-2-3-7-price-manipulation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QWHR-X4C6-C5HC
Vulnerability from github – Published: 2026-07-10 00:31 – Updated: 2026-07-10 00:31An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When a specific packet is received from device in the same broadcast domain, an affected system calculates the packet size incorrectly. This causes further packet processing to fail, which triggers an FPC major error, resulting in a FPC reset impacting traffic until the FPC has automatically recovered.
Affected scenarios are: MAP-T, or non-IP traffic encapsulated in IP (e.g. MPLS over GRE).
When this issue happens the following logs can be observed:
fpc<#> CMError: /fpc/0/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_LI_INT_REG_UNROLL_TAIL_LENGTH_OVF (0x2205eb), scope: pfe, category: functional, severity: major, module: MQSS(0), type: LI: Unroll TAIL length overflow, oc_category: default fpc<#> Performing action reset-fru for error /fpc/0/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_LI_INT_REG_UNROLL_TAIL_LENGTH_OVF (0x2205eb) in module: MQSS(0) with scope: pfe category: functional level: major, oc_category: default
This issue affects Junos OS on MX Series:
- all versions before 23.2R2-S6,
- 23.4 versions before 23.4R2-S7,
- 24.2 versions before 24.2R2-S4,
- 24.4 versions before 24.4R2-S4,
- 25.2 versions before 25.2R2.
{
"affected": [],
"aliases": [
"CVE-2026-57019"
],
"database_specific": {
"cwe_ids": [
"CWE-1284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-09T22:17:06Z",
"severity": "HIGH"
},
"details": "An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\n\n\nWhen a specific packet is received from device in the same broadcast domain, an affected system calculates the packet size incorrectly. This causes further packet processing to fail, which triggers an FPC major error, resulting in a FPC reset impacting traffic until the FPC has automatically recovered.\n\nAffected scenarios are: MAP-T, or non-IP traffic encapsulated in IP (e.g. MPLS over GRE).\n\nWhen this issue happens the following logs can be observed:\n\nfpc\u003c#\u003e CMError: /fpc/0/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_LI_INT_REG_UNROLL_TAIL_LENGTH_OVF (0x2205eb), scope: pfe, category: functional, severity: major, module: MQSS(0), type: LI: Unroll TAIL length overflow, oc_category: default\nfpc\u003c#\u003e Performing action reset-fru for error /fpc/0/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_LI_INT_REG_UNROLL_TAIL_LENGTH_OVF (0x2205eb) in module: MQSS(0) with scope: pfe category: functional level: major, oc_category: default\n\n\n\n\nThis issue affects Junos OS on MX Series:\n\n\n * all versions before 23.2R2-S6,\n * 23.4 versions before 23.4R2-S7,\n * 24.2 versions before 24.2R2-S4,\n * 24.4 versions before 24.4R2-S4,\n * 25.2 versions before 25.2R2.",
"id": "GHSA-qwhr-x4c6-c5hc",
"modified": "2026-07-10T00:31:26Z",
"published": "2026-07-10T00:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57019"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA110079"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R3CJ-H858-JRRJ
Vulnerability from github – Published: 2023-05-16 00:30 – Updated: 2024-04-04 04:11In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769
{
"affected": [],
"aliases": [
"CVE-2023-21111"
],
"database_specific": {
"cwe_ids": [
"CWE-1284",
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-15T22:15:11Z",
"severity": "MODERATE"
},
"details": "In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769",
"id": "GHSA-r3cj-h858-jrrj",
"modified": "2024-04-04T04:11:39Z",
"published": "2023-05-16T00:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21111"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2023-05-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R6X9-4X42-C57H
Vulnerability from github – Published: 2023-06-14 21:30 – Updated: 2024-04-04 04:51A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory.
{
"affected": [],
"aliases": [
"CVE-2023-30082"
],
"database_specific": {
"cwe_ids": [
"CWE-1284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-14T20:15:09Z",
"severity": "HIGH"
},
"details": "A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory.",
"id": "GHSA-r6x9-4x42-c57h",
"modified": "2024-04-04T04:51:03Z",
"published": "2023-06-14T21:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30082"
},
{
"type": "WEB",
"url": "https://blog.manavparekh.com/2023/06/cve-2023-30082.html"
},
{
"type": "WEB",
"url": "https://github.com/manavparekh/CVEs/blob/main/CVE-2023-30082/Steps%20to%20reproduce.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R7WQ-W97F-V622
Vulnerability from github – Published: 2025-02-12 00:32 – Updated: 2025-02-12 00:32Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.
{
"affected": [],
"aliases": [
"CVE-2023-20515"
],
"database_specific": {
"cwe_ids": [
"CWE-1284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-11T22:15:26Z",
"severity": "MODERATE"
},
"details": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.",
"id": "GHSA-r7wq-w97f-v622",
"modified": "2025-02-12T00:32:16Z",
"published": "2025-02-12T00:32:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20515"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-R836-HH6V-RG5G
Vulnerability from github – Published: 2024-08-07 15:30 – Updated: 2025-11-04 19:51An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.2.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-41991"
],
"database_specific": {
"cwe_ids": [
"CWE-1284",
"CWE-130",
"CWE-1333"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-07T19:03:05Z",
"nvd_published_at": "2024-08-07T15:15:56Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.",
"id": "GHSA-r836-hh6v-rg5g",
"modified": "2025-11-04T19:51:04Z",
"published": "2024-08-07T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/523da8771bce321023f490f70d71a9e973ddc927"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/efea1ef7e2190e3f77ca0651b5458297bc0f6a9f"
},
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security"
},
{
"type": "PACKAGE",
"url": "https://github.com/django/django"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-69.yaml"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240905-0007"
},
{
"type": "WEB",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Django vulnerable to denial-of-service attack"
}
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
No CAPEC attack patterns related to this CWE.