GHSA-XGPC-Q899-67P8 Fleet doesn’t validate a server’s certificate when connecting through SSH
Impact A vulnerability has been identified within Fleet where, by default, Fleet will automatically trust a remote server’s certificate when connecting through SSH if the certificate isn’t set in the knownhosts file. This could allow the execution of a man-in-the-middle MitM attack against Fleet...