Description
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.
Remediation
References
https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570613
https://updates.snyk.io/snyk-broker-security-fixes-152338
Related Vulnerabilities
CVE-2023-30867 Vulnerability in maven package org.apache.streampark:streampark
CVE-2016-6796 Vulnerability in maven package org.apache.tomcat:tomcat-jasper
CVE-2018-1000136 Vulnerability in npm package electron
CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-jdk15to18
CVE-2017-18239 Vulnerability in maven package com.jason-goodwin:authentikat-jwt_2.12