Rancher Backup Operator pod's logs leak S3 tokens
A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs. Specifically, the S3 accessKey and secretKey are exposed in the pod's logs under the following logging level conditions: | Variable Exposed | Logging Level Condition | —————— | ————————- | | accessKey | trace: false (default), and debug: false (default) | | secretKey | …