Description

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

Remediation

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20

Related Vulnerabilities

CVE-2020-6831 Vulnerability in maven package org.webjars.npm:electron

CVE-2022-39248 Vulnerability in maven package org.matrix.android:matrix-android-sdk2

CVE-2021-23926 Vulnerability in maven package org.apache.xmlbeans:xmlbeans

CVE-2022-39249 Vulnerability in npm package matrix-js-sdk

CVE-2023-33948 Vulnerability in maven package com.liferay.portal:release.portal.bom

Severity

High

Classification

CWE-22 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory