CNNVD-202510-1653 Information

CNNVD ID

CNNVD-202510-1653

Related CVE

CVE-2025-61688

• CNNVD Published: 2025-10-13

Description (Chinese)

omni是Sidero Labs, Inc.开源的一个Kubernetes的部署工具。 omni 1.1.5之前版本和1.0.2之前版本存在信息泄露漏洞，该漏洞源于API可能泄露敏感信息。

Description (English)

Onni is a Kubernetes deployment tool for Sidero Labs, Inc. There is an information leakage loophole in previous versions 1.1.5 and 1.0.2, which stems from the potential for API to leak sensitive information.

Hazard Level

High

Vulnerability Type

信息泄露

Affected Vendor

Sidero Labs, Inc.

Published

2025-10-13

Last Modified

2026-02-24

References

https://github.com/siderolabs/omni/security/advisories/GHSA-77r9-w39m-9xh5 https://access.redhat.com/security/cve/cve-2025-61688

Patch

https://github.com/siderolabs/omni/releases