Unknown · GoReleaser · CVE-2024-23840
**Name of the Vulnerable Software and Affected Versions**
GoReleaser versions prior to 1.24.0
**Description**
The issue is an information disclosure through log files. When a custom publisher is used with `goreleaser release --debug`, the secret values used in the custom publisher are printed to the log. This could allow an attacker who can read the log to obtain protected information. The estimated number of potentially affected devices worldwide is not specified.
**Recommendations**
For versions prior to 1.24.0, update to version 1.24.0 to resolve the issue.
As a temporary workaround, consider avoiding the use of the `--debug` flag with `goreleaser release` to minimize the risk of secret values being printed to the log.
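
Logs already written by an affected version with `--debug` may still contain secret values. The following added example (not GoReleaser code) checks a version string against 1.24.0, reports which log lines contain a known secret value without echoing the value, and produces a redacted copy. The sample log lines, secret names and values are constructed, and the `MIN_SECRET_LEN` threshold is an assumption.

```python
import re

MIN_SECRET_LEN = 8  # assumption: shorter values cause too many false matches


def is_affected(version: str) -> bool:
    """True when a GoReleaser version string is older than 1.24.0."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return tuple(int(p) for p in m.groups()) < (1, 24, 0)


def find_leaks(log_lines, secrets):
    """Return sorted (line_number, secret_name) pairs; values are never returned."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        for name, value in secrets.items():
            if len(value) >= MIN_SECRET_LEN and value in line:
                hits.append((number, name))
    return sorted(hits)


def redact(log_lines, secrets):
    """Replace each secret value with a [REDACTED:NAME] marker, longest value first."""
    ordered = sorted(secrets.items(), key=lambda kv: len(kv[1]), reverse=True)
    out = []
    for line in log_lines:
        for name, value in ordered:
            if len(value) >= MIN_SECRET_LEN:
                line = line.replace(value, f"[REDACTED:{name}]")
        out.append(line)
    return out


# Constructed sample: not real GoReleaser output, and the secret values are made up.
SAMPLE_SECRETS = {"UPLOAD_TOKEN": "tok_constructed_0123456789", "PIN": "1234"}
SAMPLE_LOG = [
    "debug: running custom publisher",
    "debug: env UPLOAD_TOKEN=tok_constructed_0123456789",
    "debug: build 1234 finished",
]

if __name__ == "__main__":
    for number, name in find_leaks(SAMPLE_LOG, SAMPLE_SECRETS):
        print(f"line {number}: value of {name} appears in the log")
    print("\n".join(redact(SAMPLE_LOG, SAMPLE_SECRETS)))
```

In practice the `secrets` mapping would be built from the environment variables the custom publisher receives, and the log lines read from the stored CI job output.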