snyk-broker is vulnerable to information disclosure. The vulnerability exists because it does not prevent the leakage of origin information in the function bunyan.createLogger
, allowing the attacker to get the sensitive information from the logs as it stores private keys with logging level setting as DEBUG.