Description

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

Remediation

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20

Related Vulnerabilities

CVE-2020-7654 Vulnerability in npm package snyk-broker

CVE-2022-36900 Vulnerability in maven package com.compuware.jenkins:compuware-zadviser-api

CVE-2015-0266 Vulnerability in maven package org.apache.ranger:ranger

CVE-2016-5388 Vulnerability in maven package org.apache.tomcat:tomcat-catalina

CVE-2023-35160 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates

Severity

High

Classification

CWE-22 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory