Amdprophet

Name of the Vulnerable Software and Affected Versions: Sensu Core versions prior to 1.2.0 Sensu Core version before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b sensu rubygem versions prior to 1.2.0 Description: The issue is related to a flaw in `Sensu::Utilities.redact sensitive()` that can result in sensitive configuration data, such as passwords, being logged in clear-text. This can be exploited when victims have configuration matching a specific pattern, causing sensitive data to be outputted in their service log files. Recommendations: For Sensu Core versions prior to 1.2.0, upgrade to version 1.2.1 or later. For Sensu Core version before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b, apply the changes after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b to fix the issue. For sensu rubygem versions prior to 1.2.0, upgrade to rubygem version 1.2.1 or later.