The vulnerability of the SSH client ssh-slave in Jenkins automation servers arises from errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows an attacker to execute a “man-in-the-middle” type attack.

The vulnerability of the SSH client ssh-slave in Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” type attack...

CVE-2025-32755

In jenkins/ssh-slave Docker images based on Debian, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the same SSH host keys, allowing attackers able to insert themselves into the network path between the SSH...

PT-2025-15974 · Unknown +1 · Jenkins/Ssh-Slave +1

Name of the Vulnerable Software and Affected Versions: Jenkins/ssh-slave Docker images based on Debian affected versions not specified Description: The issue arises from SSH host keys being generated on image creation for Jenkins/ssh-slave Docker images based on Debian. This results in all...