CyberSecurityBoard
Sponsor Register Login

Jenkins Docker Images Vulnerability Let Attackers Insert Themselves in Network Path

The vulnerability, disclosed in a Jenkins Security Advisory on April 10, 2025, affects SSH host key handling in certain Docker images and could allow attackers to execute man-in-the-middle attacks against Jenkins build environments. The vulnerability stems from SSH host keys being generated during image creation rather than container startup for Debian-based images. “The jenkins/ssh-agent 6.11.2 Docker images based on Debian delete the automatically generated SSH host keys created during image creation. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. This fundamentally undermines the security model of SSH, where host keys are intended to uniquely identify servers and establish trust relationships. The vulnerability enables attackers who can intercept network traffic between the Jenkins controller and SSH build agents to impersonate legitimate agents without triggering SSH authenticity warnings.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 11 Apr 2025 08:55:11 +0000


Cyber News related to Jenkins Docker Images Vulnerability Let Attackers Insert Themselves in Network Path

Docker Image Building Best Practices - Starting with a basic, minimum image is essential when creating Docker images. They let you utilize numerous Docker images throughout the build process, which helps to reduce the size of the final image by removing unneeded build artifacts. Docker ...
1 year ago Feeds.dzone.com
What Is Patch Management? - Containers are created using a container image, and a container image is created using a Dockerfile/Containerfile that includes instructions for building an image. Considering the patch management and vulnerability management for containers, let's ...
1 year ago Feeds.dzone.com
CVE-2024-23897: Assessing the Impact of the Jenkins Arbitrary File Leak Vulnerability - Last Wednesday, on January 24, 2024, the Jenkins team issued a security advisory disclosing a critical vulnerability, CVE-2024-23897, affecting the Jenkins CI/CD tool. This advisory set off alarm bells among the infosec community because the ...
1 year ago Securityboulevard.com CVE-2024-23897 CVE-2023-23897
PoC Exploits Heighten Risks Around Critical New Jenkins Vuln - Internet-exposed Jenkins servers remain unpatched against a critical, recently disclosed arbitrary file-read vulnerability for which proof-of-exploit code is now publicly available. CVE-2024-23897 affects the built-in Jenkins command line interface ...
1 year ago Darkreading.com CVE-2024-23897
New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet - On vulnerable endpoints, the Docker API is used to spawn an Alpine container and then retrieve an initialization shell script (init.sh) from a remote server ("solscan[.]live") that, in turn, checks if it's running as the root user and tools like curl ...
9 months ago Thehackernews.com
Python Malware Poses DDoS Threat Via Docker API Misconfiguration - Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious Docker container with Python malware compiled as an ELF ...
1 year ago Infosecurity-magazine.com
Jenkins Docker Images Vulnerability Let Attackers Insert Themselves in Network Path - The vulnerability, disclosed in a Jenkins Security Advisory on April 10, 2025, affects SSH host key handling in certain Docker images and could allow attackers to execute man-in-the-middle attacks against Jenkins build environments. The vulnerability ...
3 months ago Cybersecuritynews.com
New Malware Hijacking Docker Images with Unique Obfuscation Technique - A newly discovered malware campaign is targeting Docker environments, employing a sophisticated, multi-layered obfuscation technique to evade detection and hijack compute resources for cryptojacking. Security researchers from Darktrace and Cado ...
2 months ago Cybersecuritynews.com
CVE-2022-39206 - Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket (e.g. /var/run/docker.sock on Linux) is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a ...
2 years ago
Network Protection: How to Secure a Network - Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Best practices for network security directly counter the major threats to the network with ...
1 year ago Esecurityplanet.com
Why Use a VLAN? Unveiling the Benefits of Virtual LANs in Network Security - Virtual Local Area Networks, or VLANs, serve as a critical computing technology designed for effective network traffic management. How VLANs function within a network environment revolves around effectively managing and directing network traffic. ...
1 year ago Securityboulevard.com
CVE-2023-22746 - CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a ...
2 years ago
NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data - Organizations using NVIDIA Container Toolkit or Docker on Linux are at risk, especially those running AI workloads like machine learning for healthcare, finance, or autonomous systems. A critical vulnerability in NVIDIA’s Container Toolkit, ...
3 months ago Cybersecuritynews.com CVE-2024-0132
Hackers Exploiting Docker Swarm, Kubernetes & SSH Servers In Large Scale - The primary goal was “cryptojacking,” using the XMRig miner to mine “Monero cryptocurrency.” The attackers showed advanced tactics by manipulating “Docker Swarm,” to create a botnet-like network of compromised ...
9 months ago Cybersecuritynews.com TeamTNT
Docker Registry Vulnerability Lets MacOS Users Pull Images from Any Registry - A newly disclosed vulnerability in Docker Desktop’s Registry Access Management (RAM) feature has left macOS users vulnerable to unauthorized image pulls, undermining critical container security controls. Docker’s Registry Access Management (RAM) ...
2 months ago Cybersecuritynews.com CVE-2025-4095
The AI-Generated Child Abuse Nightmare Is Here - Over the course of September, analysts at the IWF focused on one dark web CSAM forum, which it does not name, that generally focuses on "Softcore imagery" and imagery of girls. Within a newer AI section of the forum, a total of 20,254 AI-generated ...
1 year ago Wired.com
but that doesn't mean we shouldn't be concerned - These images, believed to be created using Microsoft Designer, garnered widespread attention and highlighted the ever-growing challenge of AI-generated fake pornography. As these images rapidly spread across the platform, the incident not only ...
1 year ago Blog.avast.com
CVE-2021-41092 - Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) ...
3 years ago
CVE-2024-29018 - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP ...
1 year ago
CVE-2024-6222 - In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 ...
1 year ago Tenable.com
CVE-2023-0629 - Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the ...
2 years ago
Content Credentials Show Promise, But Ecosystem Still Young - It's a good start, but an end-to-end workflow requires more: Cameras or smartphones to generate signed images, support for Content Credentials in a wide variety of image-editing software, and the ability to view authenticated metadata on social ...
4 months ago Darkreading.com
Novel Crytpojacking Campaign is Targeting Docker APIs Across the Internet - Cado security researchers recently identified a sophisticated cryptojacking campaign that exploits exposed Docker API endpoints over the internet. The first container, created with the Commando open-source tool, seems innocent, but it allows the ...
1 year ago Cysecurity.news TeamTNT
Leaky Vessels flaws allow hackers to escape Docker, runc containers - The flaws were discovered by Snyk security researcher Rory McNamara in November 2023, who reported them to impacted parties for fixing. Snyk has found no signs of active exploitation of the Leaky Vessels flaws in the wild, but the publicity could ...
1 year ago Bleepingcomputer.com CVE-2024-21626 CVE-2024-23651 CVE-2024-23652 CVE-2024-23653
New Malware Campaign Exploits 9hits in Docker Assault - Security researchers have uncovered a novel cyber-attack campaign targeting vulnerable Docker services. The attacks mark the first documented case of malware utilizing the 9hits application as a payload. Discovered by Cado Security Labs, the campaign ...
1 year ago Infosecurity-magazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)