Maven package
org.jenkins-ci.plugins/templating-engine
pkg:maven/org.jenkins-ci.plugins/templating-engine
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-31722 | — | < 2.5.4 | 2.5.4 | Apr 2, 2025 | In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. | ||
| CVE-2021-21646 | — | < 2.2 | 2.2 | Apr 21, 2021 | Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. |
- CVE-2025-31722Apr 2, 2025affected < 2.5.4fixed 2.5.4
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.
- CVE-2021-21646Apr 21, 2021affected < 2.2fixed 2.2
Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.