Dismissed
Permalink
CVE-2025-62879
6.8 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
3 packages
- rancher
- terraform-providers.rancher2
- terraform-providers.rancher_rancher2
- @LeSuisse dismissed
Rancher Backup Operator pod's logs leak S3 tokens
A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs.
References
Affected products
github.com/rancher/backup-restore-operator
- <9.0.1
- <8.1.2
- <6.0.3
- <7.0.5
Ignored packages (3)
pkgs.rancher
Rancher Command Line Interface (CLI) is a unified tool for interacting with your Rancher Server
pkgs.terraform-providers.rancher2
None
-
nixos-unstable rancher2-13.1.4
- nixpkgs-unstable rancher2-13.1.4
- nixos-unstable-small rancher2-13.1.4
-
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1
pkgs.terraform-providers.rancher_rancher2
None
-
nixos-unstable rancher2-13.1.4
- nixpkgs-unstable rancher2-13.1.4
- nixos-unstable-small rancher2-13.1.4
-
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1