apk package
chainguard/backup-restore-operator-10.0
pkg:apk/chainguard/backup-restore-operator-10.0
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-39883 | Hig | 7.0 | < 10.0.0-r1 | 10.0.0-r1 | Apr 8, 2026 | OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platf | |
| CVE-2025-62879 | — | < 0 | 0 | Mar 4, 2026 | A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs. |
- affected < 10.0.0-r1fixed 10.0.0-r1
OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platf
- CVE-2025-62879Mar 4, 2026affected < 0fixed 0
A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs.
Page 2 of 2