VYPR
Unrated severityNVD Advisory· Published Jul 19, 2022· Updated Sep 16, 2024

Sensitive Parameter Exposure in Puppet Bolt prior to 3.24

CVE-2022-2394

Description

Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.

Affected products

2
  • Boltcms/Boltllm-fuzzy
    Range: <3.24.0
  • Puppet/Boltv5
    Range: 3.24.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.