Description

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

Remediation

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20

Related Vulnerabilities

CVE-2020-13936 Vulnerability in maven package org.apache.velocity:velocity-engine-core

CVE-2022-2237 Vulnerability in npm package keycloak-connect

CVE-2023-37903 Vulnerability in maven package org.webjars.npm:vm2

CVE-2023-44400 Vulnerability in npm package uptime-kuma

CVE-2018-1000010 Vulnerability in maven package org.jvnet.hudson.plugins:dry

Severity

High

Classification

CWE-22 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory