Lucene search

CVE-2020-26226 Secret disclosure in semantic-release

🗓️ 18 Nov 2020 21:14:35Reported by GitHub_MType

Secret disclosure in semantic-release package version 17.2.

Reporter	Title	Published	Views	Family All 10
OSV	CVE-2020-26226	18 Nov 202022:15	–	osv
OSV	Secret disclosure when containing characters that become URI encoded	18 Nov 202021:19	–	osv
Prion	Code injection	18 Nov 202022:15	–	prion
GithubExploit	Exploit for Improper Encoding or Escaping of Output in Semantic-Release Project Semantic-Release	8 Dec 202013:40	–	githubexploit
Node.js	Secret disclosure	18 Nov 202021:21	–	nodejs
NVD	CVE-2020-26226	18 Nov 202022:15	–	nvd
RedhatCVE	CVE-2020-26226	5 Feb 202513:34	–	redhatcve
CVE	CVE-2020-26226	18 Nov 202022:15	–	cve
Veracode	Information Disclosure	19 Nov 202005:05	–	veracode
Github Security Blog	Secret disclosure when containing characters that become URI encoded	18 Nov 202021:19	–	github

[
  {
    "product": "semantic-release",
    "vendor": "semantic-release",
    "versions": [
      {
        "status": "affected",
        "version": "< 6.1.5"
      }
    ]
  }
]

Source	Link
github	www.github.com/semantic-release/semantic-release/commit/ca90b34c4a9333438cc4d69faeb43362bb991e5a
github	www.github.com/semantic-release/semantic-release/security/advisories/GHSA-r2j6-p67h-q639

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Nov 2020 21:35Current

7.8High risk

Vulners AI Score7.8

CVSS38.1

EPSS0.00124

CWE-116