CVE-2016-4987 – com.tupilabs.image_gallery:image-gallery

Package

Manager: maven
Name: com.tupilabs.image_gallery:image-gallery
Vulnerable Version: >=0 <1.4

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00427 pctl0.61468

Details

Jenkins Image Gallery Plugin allows Path Traversal Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

Metadata

Created: 2022-05-13T01:30:59Z
Modified: 2025-03-13T18:00:05Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8xr3-54w2-8xjp/GHSA-8xr3-54w2-8xjp.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-8xr3-54w2-8xjp
Finding: F063
Auto approve: 1