logo

Database

Business information leak In github.com/siderolabs/omni

Description

Omni vulnerable to information leak via API

Impact

Omni might leak sensitive information via an API.

Patches

v1.1.5, v1.0.2 and v1.2.0 contain the patch.

Workarounds

None.

References

None.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2025-616882. NVD-2025-616883. OSV-2025-616884. GHSA-77r9-w39m-9xh55. GCVE-2025-61688

References

1. https://github.com/siderolabs/omni/security/advisories/GHSA-77r9-w39m-9xh52. https://pkg.go.dev/vuln/GO-2025-4022

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.