14 matches found
Exploit for Code Injection in Jenkins Templating_Engine
CVE-2025-31722 — Jenkins Templating Engine RCE For educat...
EUVD-2025-9533
Malicious code in bioql PyPI...
CVE-2021-21646
Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...
CVE-2025-31722
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...
Jenkins Templating Engine Plugin Vulnerable to Arbitrary Code Execution
Jenkins Templating Engine Plugin allows defining libraries both in the global configuration, as well as scoped to folders containing the pipelines using them. While libraries in the global configuration can only be set up by administrators and can therefore be trusted, libraries defined in folder...
GHSA-4VJP-327P-W4QV Jenkins Templating Engine Plugin Vulnerable to Arbitrary Code Execution
Jenkins Templating Engine Plugin allows defining libraries both in the global configuration, as well as scoped to folders containing the pipelines using them. While libraries in the global configuration can only be set up by administrators and can therefore be trusted, libraries defined in folder...
CVE-2025-31722
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...
CVE-2025-31722
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...
CVE-2025-31722
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...
CVE-2025-31722
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...
CVE-2025-31722
CVE-2025-31722 affects the Jenkins Templating Engine Plugin, version 2.5.3 and earlier. The root cause is that libraries defined in folders are not sandboxed, allowing attackers with Item/Configure permission to execute arbitrary code in the Jenkins controller JVM. The description from multiple c...
PT-2025-14512 · Jenkins · Jenkins Templating Engine Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Templating Engine Plugin versions 2.5.3 and earlier Description: The issue allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM, due to libraries defined in folders not...
Jenkins Templating Engine Plugin Remote Code Execution Vulnerability
Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . Jenkins Templating Engine Plugin in version 2.1 and earlier versions of a security vulnerability , the vulnerability...
PT-2021-14689 · Jenkins · Script Security Plugin +2
Name of the Vulnerable Software and Affected Versions: Jenkins Templating Engine Plugin versions 2.1 and earlier Description: The issue allows attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. This is due to the lack of protection for...