CVE-2025-58366
CVE-2025-58366 affects Onyxia (Onyxia-API) in versions 4.6.0–4.8.0. The vulnerability arises from leaking credentials of private Helm repositories via the unauthenticated public endpoint /public/catalogs, when catalogs配置 include username/password. The issue enables exposure of private repo creden...