CWE-1287: Improper Validation of Specified Type of Input
low-riskThe product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.
Abstraction: Base
Common Consequences
Other
→
Varies by Context
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-4879 | 9.8 | 94.3% | Y |
| CVE-2024-6298 | 10.0 | 35.0% | — |
| CVE-2022-31007 | 4.9 | 13.1% | — |
| CVE-2024-51546 | 7.5 | 6.9% | — |
| CVE-2021-32024 | 9.8 | 2.7% | — |
| CVE-2024-51550 | 10.0 | 2.3% | — |
| CVE-2022-43723 | 7.5 | 1.1% | — |
| CVE-2022-39369 | 8.0 | 0.9% | — |
| CVE-2024-43426 | 7.5 | 0.9% | — |
| CVE-2024-8403 | 7.5 | 0.8% | — |
2
/ 100
low-risk
Active Threat
2/50 · Minimal
Exploit Availability
0/50 · Minimal