VYPR

Maven package

org.jenkins-ci.plugins/templating-engine

pkg:maven/org.jenkins-ci.plugins/templating-engine

Vulnerabilities (2)

  • CVE-2025-31722Apr 2, 2025
    affected < 2.5.4fixed 2.5.4

    In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.

  • CVE-2021-21646Apr 21, 2021
    affected < 2.2fixed 2.2

    Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.