Jenkins ssh-agent Docker Image < 6.11.2 SSH Host Key Reuse

According to their self-reported version numbers, the jenkins/ssh-agent docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on...

PT-2022-20414 · Jenkins · Jenkins Ssh Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins SSH Plugin versions 2.6.1 and earlier Description: A missing permission check in the Jenkins SSH Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...