Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Health_advisor_by_cloudbees
(Jenkins)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-05-14 | CVE-2025-47885 | Jenkins Health Advisor by CloudBees Plugin 374.v194b_d4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses. | Health_advisor_by_cloudbees | N/A | ||
| 2020-01-15 | CVE-2020-2093 | A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient. | Health_advisor_by_cloudbees | 8.8 | ||
| 2020-01-15 | CVE-2020-2094 | A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient. | Health_advisor_by_cloudbees | 4.3 | ||
| 2020-09-16 | CVE-2020-2258 | Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint. | Health_advisor_by_cloudbees | 4.3 |