Lucene search
K

14 matches found

GithubExploit
GithubExploit
added 2026/03/13 9:39 p.m.165 views

Exploit for Code Injection in Jenkins Templating_Engine

CVE-2025-31722 — Jenkins Templating Engine RCE For educat...

8.8CVSS5.9AI score0.01171EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-9533

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.01171EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.7 views

CVE-2021-21646

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

8.8CVSS7.5AI score0.01749EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/04 3:39 p.m.29 views

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

8.8CVSS7.9AI score0.01171EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/04/02 3:31 p.m.29 views

Jenkins Templating Engine Plugin Vulnerable to Arbitrary Code Execution

Jenkins Templating Engine Plugin allows defining libraries both in the global configuration, as well as scoped to folders containing the pipelines using them. While libraries in the global configuration can only be set up by administrators and can therefore be trusted, libraries defined in folder...

8.8CVSS7.8AI score0.01171EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/04/02 3:31 p.m.13 views

GHSA-4VJP-327P-W4QV Jenkins Templating Engine Plugin Vulnerable to Arbitrary Code Execution

Jenkins Templating Engine Plugin allows defining libraries both in the global configuration, as well as scoped to folders containing the pipelines using them. While libraries in the global configuration can only be set up by administrators and can therefore be trusted, libraries defined in folder...

8.8CVSS7.8AI score0.01171EPSS
Exploits1References4
NVD
NVD
added 2025/04/02 3:15 p.m.22 views

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

8.8CVSS0.01171EPSS
Exploits1References1
OSV
OSV
added 2025/04/02 3:15 p.m.11 views

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

8.8CVSS7.4AI score
Exploits0References1
Cvelist
Cvelist
added 2025/04/02 2:59 p.m.28 views

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

0.01171EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/02 2:59 p.m.18 views

CVE-2025-31722

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

7.8AI score0.01171EPSS
Exploits1References1
CVE
CVE
added 2025/04/02 2:59 p.m.131 views

CVE-2025-31722

CVE-2025-31722 affects the Jenkins Templating Engine Plugin, version 2.5.3 and earlier. The root cause is that libraries defined in folders are not sandboxed, allowing attackers with Item/Configure permission to execute arbitrary code in the Jenkins controller JVM. The description from multiple c...

8.8CVSS7.8AI score0.01171EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.7 views

PT-2025-14512 · Jenkins · Jenkins Templating Engine Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Templating Engine Plugin versions 2.5.3 and earlier Description: The issue allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM, due to libraries defined in folders not...

9CVSS6.8AI score0.01171EPSS
Exploits1References16
CNVD
CNVD
added 2021/04/23 12:0 a.m.5 views

Jenkins Templating Engine Plugin Remote Code Execution Vulnerability

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . Jenkins Templating Engine Plugin in version 2.1 and earlier versions of a security vulnerability , the vulnerability...

8.8CVSS7AI score0.01749EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/04/21 12:0 a.m.6 views

PT-2021-14689 · Jenkins · Script Security Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Templating Engine Plugin versions 2.1 and earlier Description: The issue allows attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. This is due to the lack of protection for...

8.8CVSS8.8AI score0.01749EPSS
Exploits0References8
Rows per page
Query Builder