Description

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

Remediation

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20

Related Vulnerabilities

CVE-2021-42010 Vulnerability in maven package org.apache.heron:heron-api

CVE-2016-3101 Vulnerability in maven package org.jenkins-ci.plugins:extra-columns

CVE-2023-35925 Vulnerability in maven package com.fastasyncworldedit:fastasyncworldedit-core

CVE-2014-3600 Vulnerability in maven package org.apache.activemq:apache-activemq

CVE-2022-36099 Vulnerability in maven package org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki

Severity

High

Classification

CWE-22 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory