A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).
[
{
"product": "Puppet Enterprise",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.8.7"
}
]
}
]