Arbitrary Code Execution

Jenkins Templating Engine Plugin is vulnerable to Arbitrary Code Execution. The vulnerability is due to libraries defined in folders not being subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the Jenkins controller JVM...

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

Jenkins plugin Templating Engine 代码注入漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A code injection...

PT-2025-14512 · Jenkins · Jenkins Templating Engine Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Templating Engine Plugin versions 2.5.3 and earlier Description: The issue allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM, due to libraries defined in folders not...

Remote code execution vulnerability in Jenkins Templating Engine Plugin

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin. This vulnerability allows attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. Jenkins Templating Engine Plugin 2....

GHSA-P6QC-37HQ-WQR6 Remote code execution vulnerability in Jenkins Templating Engine Plugin

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin. This vulnerability allows attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. Jenkins Templating Engine Plugin 2....

CVE-2021-21646

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

CVE-2021-21646

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

CVE-2021-21646

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

CVE-2021-21646

The CVE-2021-21646 entry concerns the Jenkins Templating Engine Plugin, version 2.1 and earlier. The underlying issue is failure to protect pipeline configurations with the Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the Jenkins controller...

Jenkins Templating Engine Plugin 安全漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . Jenkins Templating Engine Plugin in version 2.1 and earlier versions of a security vulnerability , the vulnerability...