2 matches found
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) potentially affected by CVE-2016-4986 via org.tap4j:tap (=1.10)
org.tap4j:tap MAVEN version =1.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.tap4j:tap and may be impacted: - com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack =1.7.2, =1.0.0, =1.7.1 Source cves: CVE-2016-4986 Source advisory:...
CVE-2016-4986
Directory traversal vulnerability in the TAP plugin before 1.25 in Jenkins allows remote attackers to read arbitrary files via an unspecified parameter...