Description
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.
Remediation
References
https://updates.snyk.io/snyk-broker-security-fixes-152338
https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570613
Related Vulnerabilities
CVE-2021-40369 Vulnerability in maven package org.apache.jspwiki:jspwiki-main
CVE-2010-3449 Vulnerability in maven package org.codehaus.redback:redback-system
CVE-2021-25642 Vulnerability in maven package org.apache.hadoop:hadoop-yarn-server-resourcemanager
CVE-2022-41224 Vulnerability in maven package org.jenkins-ci.main:jenkins-core