Security Advisory

CVE-2020-26226

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-18 21:35:14

Last updated 2024-08-04 15:56:03

Assigner GitHub_M

State PUBLISHED

Description

In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by `semantic-release` can be accidentally disclosed if they contain characters that become encoded when included in a URL. Secrets that do not contain characters that become encoded when included in a URL are already masked properly. The issue is fixed in version 17.2.3.

← Browse all CVEs View on cve.org ↗