CVE-2022-2394 - Puppet Bolt

  • Posted 2022-07-15

  • Assessed Risk Level: Medium

  • CVSS 3.1 Base Score: 4.1

Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.

Status:

Affected software versions:

  • Puppet Bolt prior to 3.24.0

Resolved in:

  • Puppet Bolt 3.24.0