Vulnerabilities > Semantic Release Project > Semantic Release > 15.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-18 | CVE-2020-26226 | Improper Encoding or Escaping of Output vulnerability in Semantic-Release Project Semantic-Release In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by `semantic-release` can be accidentally disclosed if they contain characters that become encoded when included in a URL. | 5.8 |