Puppet · Puppet Bolt · CVE-2022-2394
**Name of the Vulnerable Software and Affected Versions**
Puppet Bolt versions prior to 3.24.0
**Description**
The issue allows sensitive parameters to be printed when planning a run, potentially resulting in them being logged when executed programmatically, such as through Puppet Enterprise.
**Recommendations**
For Puppet Bolt versions prior to 3.24.0, update to version 3.24.0 or later to resolve the issue. As a temporary workaround, consider restricting the logging of sensitive parameters when running Puppet Bolt programmatically until a patch is applied.