Improper Certificate Validation
It was found that jenkins-ssh-slaves-plugin before version 1.15 does not perform host key verification, thereby enabling Man-in-the-Middle attacks.
Advisories for Maven/Org.jenkins-Ci.plugins/Ssh-Slaves package
2022
It was found that jenkins-ssh-slaves-plugin before version 1.15 does not perform host key verification, thereby enabling Man-in-the-Middle attacks.