CWE-647 is a common weakness enumeration in software security. This database tracks 3 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-647?

There are 3 CVE vulnerabilities classified as CWE-647 with an average CVSS score of 5.7333333333333.

What is the severity distribution for CWE-647?

CWE-647 contains 1 critical, 0 high, 1 medium, and 1 low severity vulnerabilities.

CWE-647

Total CVEs

Vulnerabilities

Avg CVSS v3

5.7

Medium

Latest CVE

2025

Most Recent

Severity Distribution

Critical 1

33.3%

High 0

Medium 1

33.3%

Low 1

33.3%

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (3)

Page 1 of 1

CVE-2022-43939

CRITICAL

CVSS:9.8(Critical)

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.

CWE-6472022

CVE-2025-47241

MEDIUM

CVSS:4.0(Medium)

In browser-use (aka Browser Use) before 0.1.45, URL parsing of allowed_domains is mishandled because userinfo can be placed in the authority component.

CWE-6472025

Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent with RFC 6819 section ...

CWE-6472025

CVE Security Database

CWE-647

Severity Distribution

External References

All CVEs (3)

CVE-2022-43939

CVE-2025-47241

CVE-2025-43916