Description
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.
Remediation
References
https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570613
https://updates.snyk.io/snyk-broker-security-fixes-152338
Related Vulnerabilities
CVE-2022-29036 Vulnerability in maven package org.jenkins-ci.plugins:promoted-builds
CVE-2014-2058 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2015-0250 Vulnerability in maven package org.apache.xmlgraphics:batik-transcoder
CVE-2022-25898 Vulnerability in maven package org.webjars.npm:jsrsasign
CVE-2022-32533 Vulnerability in maven package org.apache.portals.jetspeed-2:jetspeed