Jenkins Templating Engine Security Vulnerabilities in 2025

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Jenkins Templating Engine.

By the Year

In 2025 there have been 1 vulnerability in Jenkins Templating Engine. Templating Engine did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2025 as compared to last year.

Year	Vulnerabilities	Average Score
2025	1	0.00
2024	0	0.00
2023	0	0.00
2022	0	0.00
2021	1	8.80

It may take a day or so for new Templating Engine vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Templating Engine Security Vulnerabilities

Jenkins Templating Engine Plugin <2.5.3 unsandboxed libs allow code execution
CVE-2025-31722 - April 02, 2025

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin
CVE-2021-21646 8.8 - High - April 21, 2021

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Templating Engine or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Templating Engine
Product

Jenkins Templating Engine

Don't miss out!

By the Year

Recent Jenkins Templating Engine Security Vulnerabilities

Jenkins Templating Engine Plugin <2.5.3 unsandboxed libs allow code execution CVE-2025-31722 - April 02, 2025

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin CVE-2021-21646 8.8 - High - April 21, 2021

Stay on top of Security Vulnerabilities

Jenkins Vendor

Jenkins Templating EngineProduct

Jenkins Templating Engine Plugin <2.5.3 unsandboxed libs allow code execution
CVE-2025-31722 - April 02, 2025

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin
CVE-2021-21646 8.8 - High - April 21, 2021

Jenkins
Vendor

Jenkins Templating Engine
Product