Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://puppet.com/security/cve/CVE-2022-2394 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: puppet
Published: 2022-07-19T17:46:48.011706Z
Updated: 2024-09-16T20:22:09.334Z
Reserved: 2022-07-12T00:00:00
Link: CVE-2022-2394
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-07-19T18:15:11.563
Modified: 2024-11-21T07:00:54.223
Link: CVE-2022-2394
Redhat
No data.