📦

health_advisor_by_cloudbees

Vendor: jenkins

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 5 Total Indexed

Avg. EPSS 0.07% Exploit Prob.

Latest CVE CVE-2025-47885 May 14

Security Vulnerability Index

Page 1 / 1

8.8 CVSS

CVE-2025-47885

Jenkins Health Advisor by CloudBees Plugin 374.v194b_d4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses.

EPSS: 0.12%

Severity: HIGH

May 14, 2025

4.3 CVSS

CVE-2020-2258

Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.

EPSS: 0.03%

Severity: MEDIUM

Sep 16, 2020

4.3 CVSS

CVE-2020-2094

A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient.

EPSS: 0.06%

Severity: MEDIUM

Jan 15, 2020

8.8 CVSS

CVE-2020-2093

A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient.

EPSS: 0.09%

Severity: HIGH

Jan 15, 2020

Displaying 4 of 5 Total Entries

Total 1 Sections