diff --git a/core/src/main/java/feign/template/Expressions.java b/core/src/main/java/feign/template/Expressions.java
index ecd1b99e..05c76b5b 100644
--- a/core/src/main/java/feign/template/Expressions.java
+++ b/core/src/main/java/feign/template/Expressions.java
@@ -88,8 +88,8 @@ public final class Expressions {
       /* we have a valid variable expression, extract the name from the first group */
       variableName = matcher.group(3).trim();
       if (variableName.contains(":")) {
-        /* split on the colon */
-        String[] parts = variableName.split(":");
+        /* split on the colon and ensure the size of parts array must be 2 */
+        String[] parts = variableName.split(":", 2);
         variableName = parts[0];
         variablePattern = parts[1];
       }
diff --git a/core/src/test/java/feign/template/ExpressionsTest.java b/core/src/test/java/feign/template/ExpressionsTest.java
index 051004c4..e374255c 100644
--- a/core/src/test/java/feign/template/ExpressionsTest.java
+++ b/core/src/test/java/feign/template/ExpressionsTest.java
@@ -28,6 +28,19 @@ public class ExpressionsTest {
     assertThat(expanded).isEqualToIgnoringCase("foo=bar");
   }
 
+  @Test
+  public void malformedExpression() {
+    String[] malformedStrings = {"{:}", "{str1:}", "{str1:{:}", "{str1:{str2:}"};
+
+    for (String malformed : malformedStrings) {
+      try {
+        Expressions.create(malformed);
+      } catch (Exception e) {
+        assertThatObject(e).isNotInstanceOf(ArrayIndexOutOfBoundsException.class);
+      }
+    }
+  }
+
   @Test
   public void malformedBodyTemplate() {
     String bodyTemplate = "{" + "a".repeat(65536) + "}";