How severe is CVE-2022-43939?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2022-43939?

This is classified as CWE-647, which is a common weakness in software security.

CVE-2022-43939

CRITICAL Year: 2022

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-647

View all →

Vulnerability Description

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.

CVE-2025-47241

MEDIUM

CVSS:4.0(Medium)

In browser-use (aka Browser Use) before 0.1.45, URL parsing of allowed_domains is mishandled because userinfo can be placed in the authority component.

CWE-6472025

Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent with RFC 6819 section ...

CWE-6472025

CVE Security Database

CVE-2022-43939

Vulnerability Description

CVE-2025-47241

CVE-2025-43916

CVE-2022-43939

Vulnerability Description

Related Vulnerabilities

CVE-2025-47241

CVE-2025-43916