Skip to main content

Ssh Agent

2 CVEs product

Monthly

CVE-2025-32754 CRITICAL Act Now

In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Docker Jenkins Debian Ssh Agent
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2018-1999036 Maven MEDIUM PATCH This Month

An exposure of sensitive information vulnerability exists in Jenkins SSH Agent Plugin 1.15 and earlier in SSHAgentStepExecution.java that exposes the SSH private key password to users with permission. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Jenkins Information Disclosure Ssh Agent
NVD
CVSS 3.0
6.5
EPSS
1.4%
EPSS 0% CVSS 9.1
CRITICAL Act Now

In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Docker Jenkins +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An exposure of sensitive information vulnerability exists in Jenkins SSH Agent Plugin 1.15 and earlier in SSHAgentStepExecution.java that exposes the SSH private key password to users with permission. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Jenkins Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy