—
GO-2026-5316
Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic in github.com/siderolabs/omni
Details
Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic in github.com/siderolabs/omni
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/siderolabs/omni
Introduced in:
0 Fixed in: 1.6.6 Fix
go get github.com/siderolabs/omni@v1.6.6