CWE-1284
Improper Validation of Specified Quantity in Input
Description
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
Hierarchy (View 1000)
CVEs mapped to this weakness (151)
page 7 of 8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-33349 | 0.00 | — | 0.00 | Mar 24, 2026 | fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. From version 4.0.0-beta.3 to before version 5.5.7, the DocTypeReader in fast-xml-parser uses JavaScript truthy checks to evaluate maxEntityCount and maxEntitySize configuration… | |||
| CVE-2026-1528 | 0.00 | — | 0.00 | Mar 12, 2026 | ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. Patches Patched in the undici version… | |||
| CVE-2025-68383 | 0.00 | — | 0.00 | Dec 18, 2025 | Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a… | |||
| CVE-2025-43793 | 0.00 | — | 0.00 | Sep 15, 2025 | Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions may incorrectly identify the subdomain of a domain name and create a… | |||
| CVE-2025-46656 | — | 0.00 | — | 0.00 | Apr 26, 2025 | python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption. | ||
| CVE-2025-43970 | 0.00 | — | 0.00 | Apr 21, 2025 | An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family). | |||
| CVE-2025-43972 | 0.00 | — | 0.00 | Apr 21, 2025 | An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context. | |||
| CVE-2024-41991 | 0.00 | — | 0.01 | Aug 7, 2024 | An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters. | |||
| CVE-2023-41164 | 0.00 | — | 0.01 | Nov 3, 2023 | In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters. | |||
| CVE-2023-43665 | 0.00 | — | 0.01 | Nov 3, 2023 | In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML… | |||
| CVE-2023-42447 | 0.00 | — | 0.01 | Sep 19, 2023 | blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds… | |||
| CVE-2023-42444 | 0.00 | — | 0.01 | Sep 19, 2023 | phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment… | |||
| CVE-2023-35932 | — | 0.00 | — | 0.02 | Jun 23, 2023 | jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special… | ||
| CVE-2023-23626 | — | 0.00 | — | 0.01 | Feb 9, 2023 | go-bitfield is a simple bitfield package for the go language aiming to be more performant that the standard library. When feeding untrusted user input into the size parameter of `NewBitfield` and `FromBytes` functions, an attacker can trigger `panic`s. This happen when the… | ||
| CVE-2022-4111 | 0.00 | — | 0.01 | Nov 22, 2022 | Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB. | |||
| CVE-2022-41896 | 0.00 | — | 0.00 | Nov 18, 2022 | TensorFlow is an open source platform for machine learning. If `ThreadUnsafeUnigramCandidateSampler` is given input `filterbank_channel_count` greater than the allowed max size, TensorFlow will crash. We have patched the issue in GitHub commit… | |||
| CVE-2022-39294 | — | 0.00 | — | 0.01 | Oct 31, 2022 | conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, `conduit-hyper` did not check any limit on a request's length before calling [`hyper::body::to_bytes`](https://docs.rs/hyper/latest/hyper/body/fn.to_bytes.html). An attacker could send… | ||
| CVE-2022-39313 | 0.00 | — | 0.01 | Oct 24, 2022 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.17, and prior to 5.2.8 on the 5.x branch, crash when a file download request is received with an invalid byte range, resulting in a Denial of Service.… | |||
| CVE-2022-36086 | 0.00 | — | 0.01 | Sep 7, 2022 | linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller… | |||
| CVE-2022-29202 | 0.00 | — | 0.00 | May 20, 2022 | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.ragged.constant` does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions… |
- CVE-2026-33349Mar 24, 2026risk 0.00cvss —epss 0.00
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. From version 4.0.0-beta.3 to before version 5.5.7, the DocTypeReader in fast-xml-parser uses JavaScript truthy checks to evaluate maxEntityCount and maxEntitySize configuration…
- CVE-2026-1528Mar 12, 2026risk 0.00cvss —epss 0.00
ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. Patches Patched in the undici version…
- CVE-2025-68383Dec 18, 2025risk 0.00cvss —epss 0.00
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a…
- CVE-2025-43793Sep 15, 2025risk 0.00cvss —epss 0.00
Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions may incorrectly identify the subdomain of a domain name and create a…
- CVE-2025-46656Apr 26, 2025risk 0.00cvss —epss 0.00
python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption.
- CVE-2025-43970Apr 21, 2025risk 0.00cvss —epss 0.00
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
- CVE-2025-43972Apr 21, 2025risk 0.00cvss —epss 0.00
An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.
- CVE-2024-41991Aug 7, 2024risk 0.00cvss —epss 0.01
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
- CVE-2023-41164Nov 3, 2023risk 0.00cvss —epss 0.01
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
- CVE-2023-43665Nov 3, 2023risk 0.00cvss —epss 0.01
In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML…
- CVE-2023-42447Sep 19, 2023risk 0.00cvss —epss 0.01
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds…
- CVE-2023-42444Sep 19, 2023risk 0.00cvss —epss 0.01
phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment…
- CVE-2023-35932Jun 23, 2023risk 0.00cvss —epss 0.02
jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special…
- CVE-2023-23626Feb 9, 2023risk 0.00cvss —epss 0.01
go-bitfield is a simple bitfield package for the go language aiming to be more performant that the standard library. When feeding untrusted user input into the size parameter of `NewBitfield` and `FromBytes` functions, an attacker can trigger `panic`s. This happen when the…
- CVE-2022-4111Nov 22, 2022risk 0.00cvss —epss 0.01
Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB.
- CVE-2022-41896Nov 18, 2022risk 0.00cvss —epss 0.00
TensorFlow is an open source platform for machine learning. If `ThreadUnsafeUnigramCandidateSampler` is given input `filterbank_channel_count` greater than the allowed max size, TensorFlow will crash. We have patched the issue in GitHub commit…
- CVE-2022-39294Oct 31, 2022risk 0.00cvss —epss 0.01
conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, `conduit-hyper` did not check any limit on a request's length before calling [`hyper::body::to_bytes`](https://docs.rs/hyper/latest/hyper/body/fn.to_bytes.html). An attacker could send…
- CVE-2022-39313Oct 24, 2022risk 0.00cvss —epss 0.01
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.17, and prior to 5.2.8 on the 5.x branch, crash when a file download request is received with an invalid byte range, resulting in a Denial of Service.…
- CVE-2022-36086Sep 7, 2022risk 0.00cvss —epss 0.01
linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller…
- CVE-2022-29202May 20, 2022risk 0.00cvss —epss 0.00
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.ragged.constant` does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions…