VYPR
Moderate severityNVD Advisory· Published Mar 4, 2026· Updated Mar 4, 2026

Rancher Backup Operator pod's logs leak S3 tokens

CVE-2025-62879

Description

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/backup-restore-operatorGo
>= 9.0.0, < 9.0.19.0.1
github.com/rancher/backup-restore-operatorGo
>= 8.0.0, < 8.1.28.1.2
github.com/rancher/backup-restore-operatorGo
>= 7.0.0, < 7.0.57.0.5
github.com/rancher/backup-restore-operatorGo
>= 6.0.0, < 6.0.36.0.3

Affected products

8

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.