CWE-228β€”Improper Handling of Syntactically Invalid Structure

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-228
Abstraction:
Class
Structure:
Simple
Status:
Incomplete
Release Date:
2006-07-19
Latest Modification Date:
2025-12-11

Weakness Name

Improper Handling of Syntactically Invalid Structure

Description

The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.

Common Consequences

Scope:
Integrity, Availability
Impact:
Unexpected State, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU)
Notes:
If an input is syntactically invalid, then processing the input could place the system in an unexpected state that could lead to a crash, consume available system resources or other unintended behaviors.

Related Weaknesses