5 matches found
CVE-2020-26226
In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL. Secrets that do not contain characters that become encoded when included in a U...
CVE-2020-26226
creationtimestamp| type| source ---|---|--- 2020-11-19 00:40:41+00:00| seen| https://t.me/cibsecurity/16564 2020-12-09 06:25:20+00:00| seen| https://t.me/cibsecurity/17398...
CVE-2020-26226
In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL. Secrets that do not contain characters that become encoded when included in a U...
CVE-2020-26226
CVE-2020-26226 affects the npm package semantic-release (pre-17.2.3). The vulnerability causes secrets that should be masked to be disclosed when they contain characters that become URI-encoded in a URL. The issue is resolved in version 17.2.3; upgrade to 17.2.3 or newer to mitigate. The CVSS met...
CVE-2020-26226 Secret disclosure in semantic-release
In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL. Secrets that do not contain characters that become encoded when included in a U...