CVE-2022-39351 Dependency-Track vulnerable to logging of API keys in clear text when handling API requests using keys with insufficient permissions

Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.6.0, performing an API request using a valid API key with insufficient permissions causes the API key to be written to Dependency-Track's audit...