CVE-2023-37948
CVE-2023-37948 affects the Jenkins Oracle Cloud Infrastructure Compute Plugin (versions up to 1.0.16). The root cause is missing SSH host key validation when connecting to OCI clouds, enabling potential man-in-the-middle attacks. Impact is limited to the plugin’s inability to validate host keys; ...