Description

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

Remediation

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20

Related Vulnerabilities

CVE-2018-1999036 Vulnerability in maven package org.jenkins-ci.plugins:ssh-agent

CVE-2020-13936 Vulnerability in maven package org.apache.velocity:velocity-engine-core

CVE-2022-45135 Vulnerability in maven package org.apache.cocoon:cocoon-databases-impl

CVE-2013-2165 Vulnerability in maven package org.richfaces.framework:richfaces-impl-jsf2

CVE-2014-0110 Vulnerability in maven package org.apache.cxf:cxf-bundle-minimal

Severity

High

Classification

CWE-22 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory