
    16 vulnerabilities found for tekton_pipelines by linuxfoundation

    CVE-2026-40938 (GCVE-0-2026-40938)

    Vulnerability from nvd – Published: 2026-04-21 20:45 – Updated: 2026-06-30 12:05
    Title
    Tekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE
    Summary
    The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation that it does not begin with a - character. Because git parses flags from mixed positional arguments, an attacker can inject arbitrary git fetch flags such as --upload-pack=<binary>. Combined with the validateRepoURL function explicitly permitting URLs that begin with / (local filesystem paths), a tenant who can submit ResolutionRequest objects can chain these two behaviors to execute an arbitrary binary on the resolver pod. The tekton-pipelines-resolvers ServiceAccount holds cluster-wide get/list/watch on all Secrets, so code execution on the resolver pod enables full cluster-wide secret exfiltration. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: poc; Automatable: no; Technical Impact: total (CISA Coordinator, v2.0.3)
    CWE
    • CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
    Assigner
    Impacted products
    Vendor      Product                                Version / CPE                                      Status
    tektoncd    pipeline                               >= 1.0.0, < 1.0.2                                  affected
                                                       >= 1.2.0, < 1.3.4                                  affected
                                                       >= 1.4.0, < 1.6.2                                  affected
                                                       >= 1.7.0, < 1.9.3                                  affected
                                                       >= 1.10.0, < 1.11.1                                affected
    Red Hat     Red Hat OpenShift Builds 1.7.3         cpe:/a:redhat:openshift_builds:1.7::el9            affected
    Red Hat     Red Hat OpenShift Builds 1.8.0         cpe:/a:redhat:openshift_builds:1.8::el9            affected
    Red Hat     Red Hat OpenShift Pipelines 1.21       cpe:/a:redhat:openshift_pipelines:1.21::el9        affected
    Red Hat     OpenShift Pipelines                    cpe:/a:redhat:openshift_pipelines:1                affected
    Red Hat     OpenShift Lightspeed                   cpe:/a:redhat:openshift_lightspeed                 unaffected
    Red Hat     OpenShift Serverless                   cpe:/a:redhat:serverless:1                         unaffected
    Red Hat     Red Hat OpenShift AI (RHOAI)           cpe:/a:redhat:openshift_ai                         unaffected
    Red Hat     Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4    unaffected
    Red Hat     Red Hat Trusted Artifact Signer        cpe:/a:redhat:trusted_artifact_signer:1            unaffected
    (Status for the Red Hat products is taken from the Red Hat ADP entry in the record below.)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40938",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-22T18:31:54.871943Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-22T18:36:16.790Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.7::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.7.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.8::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.8.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1.21::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Pipelines 1.21",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-21T20:45:24.658Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Tekton Pipelines, a system for declaring continuous integration/continuous delivery (CI/CD) pipelines. An authenticated user, able to submit `ResolutionRequest` objects, can exploit a vulnerability by injecting malicious commands into the git resolver\u0027s revision parameter. This allows for the execution of unauthorized programs on the resolver pod. Successful exploitation can lead to the exfiltration of all cluster-wide secrets, resulting in significant information disclosure."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-88",
                    "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:05:58.492Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-40938"
              },
              {
                "name": "RHBZ#2460292",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460292"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40938.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24359"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17546"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26538"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26519"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24484"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24359: Red Hat OpenShift Builds 1.7.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17546: Red Hat OpenShift Builds 1.8.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26538: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26519: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24484: Red Hat OpenShift Pipelines 1.21"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-21T21:02:16.557Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-21T20:45:24.658Z",
                "value": "Made public."
              }
            ],
            "title": "github.com/tektoncd/pipeline: Tekton Pipelines: Arbitrary code execution and secret exfiltration via malicious git commands",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver\u0027s revision parameter is passed directly as a positional argument to git fetch without any validation that it does not begin with a - character. Because git parses flags from mixed positional arguments, an attacker can inject arbitrary git fetch flags such as --upload-pack=\u003cbinary\u003e. Combined with the validateRepoURL function explicitly permitting URLs that begin with / (local filesystem paths), a tenant who can submit ResolutionRequest objects can chain these two behaviors to execute an arbitrary binary on the resolver pod. The tekton-pipelines-resolvers ServiceAccount holds cluster-wide get/list/watch on all Secrets, so code execution on the resolver pod enables full cluster-wide secret exfiltration. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-88",
                  "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-21T22:40:09.754Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"
            }
          ],
          "source": {
            "advisory": "GHSA-94jr-7pqp-xhcq",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40938",
        "datePublished": "2026-04-21T20:45:24.658Z",
        "dateReserved": "2026-04-15T20:40:15.518Z",
        "dateUpdated": "2026-06-30T12:05:58.492Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40924 (GCVE-0-2026-40924)

    Vulnerability from nvd – Published: 2026-04-21 20:47 – Updated: 2026-05-22 16:03
    Title
    Tekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory Exhaustion
    Summary
    The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the HTTP resolver's FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: poc; Automatable: no; Technical Impact: partial (CISA Coordinator, v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Impacted products
    Vendor      Product       Version                Status
    tektoncd    pipeline      >= 1.0.0, < 1.0.2      affected
                              >= 1.2.0, < 1.3.4      affected
                              >= 1.4.0, < 1.6.2      affected
                              >= 1.7.0, < 1.9.3      affected
                              >= 1.10.0, < 1.11.1    affected

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40924",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-22T13:21:18.942819Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-22T13:21:28.680Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the HTTP resolver\u0027s FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T16:03:53.528Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"
            }
          ],
          "source": {
            "advisory": "GHSA-m2cx-gpqf-qf74",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory Exhaustion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40924",
        "datePublished": "2026-04-21T20:47:47.178Z",
        "dateReserved": "2026-04-15T20:40:15.517Z",
        "dateUpdated": "2026-05-22T16:03:53.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40923 (GCVE-0-2026-40923)

    Vulnerability from nvd – Published: 2026-04-21 20:50 – Updated: 2026-05-22 15:41
    Title
    Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check
    Summary
    The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: none; Automatable: no; Technical Impact: partial (CISA Coordinator, v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor      Product       Version                Status
    tektoncd    pipeline      >= 1.0.0, < 1.0.2      affected
                              >= 1.2.0, < 1.3.4      affected
                              >= 1.4.0, < 1.6.2      affected
                              >= 1.7.0, < 1.9.3      affected
                              >= 1.10.0, < 1.11.1    affected

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40923",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-22T13:50:48.955785Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-22T13:51:13.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T15:41:51.388Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rx35-6rhx-7858",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rx35-6rhx-7858"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"
            }
          ],
          "source": {
            "advisory": "GHSA-rx35-6rhx-7858",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40923",
        "datePublished": "2026-04-21T20:50:53.742Z",
        "dateReserved": "2026-04-15T20:40:15.517Z",
        "dateUpdated": "2026-05-22T15:41:51.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40161 (GCVE-0-2026-40161)

    Vulnerability from nvd – Published: 2026-04-21 16:26 – Updated: 2026-05-21 21:20
    Title
    Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL
    Summary
    The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL when the user omits the token parameter. A tenant with TaskRun or PipelineRun create permission can exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 1.0.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40161",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-21T17:41:32.164689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-21T17:41:38.895Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL when the user omits the token parameter. A tenant with TaskRun or PipelineRun create permission can exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-21T21:20:13.227Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-wjxp-xrpv-xpff",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-wjxp-xrpv-xpff"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/issues/9608",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/issues/9608"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/issues/9609",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/issues/9609"
            }
          ],
          "source": {
            "advisory": "GHSA-wjxp-xrpv-xpff",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40161",
        "datePublished": "2026-04-21T16:26:27.381Z",
        "dateReserved": "2026-04-09T19:31:56.014Z",
        "dateUpdated": "2026-05-21T21:20:13.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25542 (GCVE-0-2026-25542)

    Vulnerability from nvd – Published: 2026-04-21 16:05 – Updated: 2026-05-22 16:06
    Title
    Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string (refSource.URI) against spec.resources[].pattern using regexp.MatchString. In Go, regexp.MatchString reports a match if the pattern matches anywhere in the string, so common unanchored patterns (including examples in tekton documentation) can be bypassed by attacker-controlled source strings that contain the trusted pattern as a substring. This can cause an unintended policy match and change which verification mode/keys apply. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-185 - Incorrect Regular Expression
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 0.43.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25542",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-21T16:48:04.873157Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-21T16:48:15.671Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.43.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string (refSource.URI) against spec.resources[].pattern using regexp.MatchString. In Go, regexp.MatchString reports a match if the pattern matches anywhere in the string, so common unanchored patterns (including examples in tekton documentation) can be bypassed by attacker-controlled source strings that contain the trusted pattern as a substring. This can cause an unintended policy match and change which verification mode/keys apply. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-185",
                  "description": "CWE-185: Incorrect Regular Expression",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T16:06:24.202Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rmx9-2pp3-xhcr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rmx9-2pp3-xhcr"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/b8905600322aa86327baae0a7c04d6cf1207362a",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/b8905600322aa86327baae0a7c04d6cf1207362a"
            }
          ],
          "source": {
            "advisory": "GHSA-rmx9-2pp3-xhcr",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-25542",
        "datePublished": "2026-04-21T16:05:43.217Z",
        "dateReserved": "2026-02-02T19:59:47.375Z",
        "dateUpdated": "2026-05-22T16:06:24.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33211 (GCVE-0-2026-33211)

    Vulnerability from nvd – Published: 2026-03-23 23:55 – Updated: 2026-06-30 12:07
    Title
    Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    References
    URL Tags
    https://github.com/tektoncd/pipeline/security/adv… x_refsource_CONFIRM
    https://github.com/tektoncd/pipeline/commit/10fa5… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/31800… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/3ca7b… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/96138… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/b1fee… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/cdb4e… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/ec775… x_refsource_MISC
    https://access.redhat.com/security/cve/CVE-2026-33211 vdb-entry, x_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2450554 issue-tracking, x_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:10155 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10158 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:6170 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:6166 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24484 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10066 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21932 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21931 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10026 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10125 vendor-advisory, x_refsource_REDHAT
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 1.0.0, < 1.0.1
    Affected: >= 1.1.0, < 1.3.3
    Affected: >= 1.4.0, < 1.6.1
    Affected: >= 1.7.0, < 1.9.2
    Affected: >= 1.10.0, < 1.10.2
    Red Hat Red Hat OpenShift Builds 1.6.5     cpe:/a:redhat:openshift_builds:1.6::el9
    Red Hat Red Hat OpenShift Builds 1.7.3     cpe:/a:redhat:openshift_builds:1.7::el9
    Red Hat Red Hat OpenShift Pipelines 1.21     cpe:/a:redhat:openshift_pipelines:1.21::el9
    Red Hat Red Hat OpenShift Pipelines 1.2     cpe:/a:redhat:openshift_pipelines:1.20::el9
    Red Hat Red Hat Trusted Artifact Signer 1.3     cpe:/a:redhat:trusted_artifact_signer:1.3::el9
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33211",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-24T15:40:21.314239Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-24T15:41:02.198Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.6.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.7::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.7.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1.21::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Pipelines 1.21",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1.20::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Pipelines 1.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer 1.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Builds for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-23T23:55:54.089Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Tekton Pipelines, specifically in the Tekton Pipelines git resolver. A tenant with permissions to create ResolutionRequests can exploit a path traversal vulnerability via the `pathInRepo` parameter. This allows the tenant to read arbitrary files from the resolver pod\u0027s filesystem, leading to information disclosure, including sensitive ServiceAccount tokens. The contents of these files are returned in a base64-encoded format."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 9.6,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-22",
                    "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:37.319Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33211"
              },
              {
                "name": "RHBZ#2450554",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450554"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33211.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10155"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10158"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6170"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6166"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24484"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10066"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21932"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21931"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10026"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10125"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:10155: Red Hat OpenShift Builds 1.6.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10158: Red Hat OpenShift Builds 1.7.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:6170: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:6166: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24484: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10066: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21932: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21931: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10026: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10125: Red Hat Trusted Artifact Signer 1.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-24T00:02:20.093Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-23T23:55:54.089Z",
                "value": "Made public."
              }
            ],
            "title": "Tekton Pipelines: github.com/tektoncd/pipeline: Tekton Pipelines: Information disclosure via path traversal in git resolver",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, restrict the creation of ResolutionRequests to trusted users and service accounts. Implement strict Role-Based Access Control (RBAC) policies to limit which tenants can create TaskRuns or PipelineRuns that utilize the Tekton Pipelines git resolver. This reduces the exposure by preventing unauthorized access to the resolver pod\u0027s filesystem."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.1.0, \u003c 1.3.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod\u0027s filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-23T23:55:54.089Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/318006c4e3a5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/318006c4e3a5"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78"
            }
          ],
          "source": {
            "advisory": "GHSA-j5q5-j9gm-2w5c",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-33211",
        "datePublished": "2026-03-23T23:55:54.089Z",
        "dateReserved": "2026-03-17T23:23:58.313Z",
        "dateUpdated": "2026-06-30T12:07:37.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33022 (GCVE-0-2026-33022)

    Vulnerability from nvd – Published: 2026-03-20 07:48 – Updated: 2026-03-20 18:07
    Title
    Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability that allows any user who can create a TaskRun or PipelineRun to crash the controller cluster-wide by setting .spec.taskRef.resolver (or .spec.pipelineRef.resolver) to a string of 31+ characters. The crash occurs because GenerateDeterministicNameFromSpec produces a name exceeding the 63-character DNS-1123 label limit, and its truncation logic panics on a [-1] slice bound since the generated name contains no spaces. Once crashed, the controller enters a CrashLoopBackOff on restart (as it re-reconciles the offending resource), blocking all CI/CD reconciliation until the resource is manually deleted. Built-in resolvers (git, cluster, bundles, hub) are unaffected due to their short names, but any custom resolver name triggers the bug. The fix truncates the resolver-name prefix instead of the full string, preserving the hash suffix for determinism and uniqueness. This issue has been patched in versions 1.0.1, 1.3.3, 1.6.1, 1.9.2 and 1.10.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-129 - Improper Validation of Array Index
    Assigner
    References
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 0.60.0, < 1.0.1
    Affected: >= 1.1.0, < 1.3.3
    Affected: >= 1.4.0, < 1.6.1
    Affected: >= 1.7.0, < 1.9.2
    Affected: >= 1.10.0, < 1.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-20T16:22:10.536063Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-20T18:07:35.331Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.60.0, \u003c 1.0.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.1.0, \u003c 1.3.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability in that allows any user who can create a TaskRun or PipelineRun to crash the controller cluster-wide by setting .spec.taskRef.resolver (or .spec.pipelineRef.resolver) to a string of 31+ characters. The crash occurs because GenerateDeterministicNameFromSpec produces a name exceeding the 63-character DNS-1123 label limit, and its truncation logic panics on a [-1] slice bound since the generated name contains no spaces. Once crashed, the controller enters a CrashLoopBackOff on restart (as it re-reconciles the offending resource), blocking all CI/CD reconciliation until the resource is manually deleted. Built-in resolvers (git, cluster, bundles, hub) are unaffected due to their short names, but any custom resolver name triggers the bug. The fix truncates the resolver-name prefix instead of the full string, preserving the hash suffix for determinism and uniqueness. This issue has been patched in versions 1.0.1, 1.3.3, 1.6.1, 1.9.2 and 1.10.2."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-129",
                  "description": "CWE-129: Improper Validation of Array Index",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-20T07:48:15.383Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-cv4x-93xx-wgfj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-cv4x-93xx-wgfj"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/5eead3f859b9f938e86039e4d29185092c1d4ee6",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/5eead3f859b9f938e86039e4d29185092c1d4ee6"
            }
          ],
          "source": {
            "advisory": "GHSA-cv4x-93xx-wgfj",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-33022",
        "datePublished": "2026-03-20T07:48:15.383Z",
        "dateReserved": "2026-03-17T17:22:14.667Z",
        "dateUpdated": "2026-03-20T18:07:35.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-37264 (GCVE-0-2023-37264)

    Vulnerability from nvd – Published: 2023-07-07 16:23 – Updated: 2024-11-04 20:23
    Title
    Pipelines do not validate child UIDs
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun's (api version, kind, name, uid) in the child Run's OwnerReference, it only stores (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one's Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 0.35.0, <= 0.49.0
    tektoncd pipeline Affected: 0.35.0, ≤ 0.49.0 (custom)
        cpe:2.3:a:tektoncd:pipeline:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:09:33.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53"
              },
              {
                "name": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372"
              },
              {
                "name": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tektoncd:pipeline:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pipeline",
                "vendor": "tektoncd",
                "versions": [
                  {
                    "lessThanOrEqual": "0.49.0",
                    "status": "affected",
                    "version": "0.35.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37264",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-04T20:21:12.184314Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T20:23:21.819Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.35.0, \u003c= 0.49.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun\u0027s (api version, kind, name, uid) in the child Run\u0027s OwnerReference, it only store (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345: Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-07T18:30:38.979Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372"
            },
            {
              "name": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference"
            }
          ],
          "source": {
            "advisory": "GHSA-w2h3-vvvq-3m53",
            "discovery": "UNKNOWN"
          },
          "title": "Pipelines do not validate child UIDs"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-37264",
        "datePublished": "2023-07-07T16:23:09.866Z",
        "dateReserved": "2023-06-29T19:35:26.438Z",
        "dateUpdated": "2024-11-04T20:23:21.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-40923 (GCVE-0-2026-40923)

    Vulnerability from cvelistv5 – Published: 2026-04-21 20:50 – Updated: 2026-05-22 15:41
    Title
    Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 1.0.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40923",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-22T13:50:48.955785Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-22T13:51:13.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T15:41:51.388Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rx35-6rhx-7858",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rx35-6rhx-7858"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"
            }
          ],
          "source": {
            "advisory": "GHSA-rx35-6rhx-7858",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40923",
        "datePublished": "2026-04-21T20:50:53.742Z",
        "dateReserved": "2026-04-15T20:40:15.517Z",
        "dateUpdated": "2026-05-22T15:41:51.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40924 (GCVE-0-2026-40924)

    Vulnerability from cvelistv5 – Published: 2026-04-21 20:47 – Updated: 2026-05-22 16:03
    Title
    Tekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory Exhaustion
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the HTTP resolver's FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 1.0.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40924",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-22T13:21:18.942819Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-22T13:21:28.680Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the HTTP resolver\u0027s FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T16:03:53.528Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"
            }
          ],
          "source": {
            "advisory": "GHSA-m2cx-gpqf-qf74",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory Exhaustion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40924",
        "datePublished": "2026-04-21T20:47:47.178Z",
        "dateReserved": "2026-04-15T20:40:15.517Z",
        "dateUpdated": "2026-05-22T16:03:53.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40938 (GCVE-0-2026-40938)

    Vulnerability from cvelistv5 – Published: 2026-04-21 20:45 – Updated: 2026-06-30 12:05
    Title
    Tekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation that it does not begin with a - character. Because git parses flags from mixed positional arguments, an attacker can inject arbitrary git fetch flags such as --upload-pack=<binary>. Combined with the validateRepoURL function explicitly permitting URLs that begin with / (local filesystem paths), a tenant who can submit ResolutionRequest objects can chain these two behaviors to execute an arbitrary binary on the resolver pod. The tekton-pipelines-resolvers ServiceAccount holds cluster-wide get/list/watch on all Secrets, so code execution on the resolver pod enables full cluster-wide secret exfiltration. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 1.0.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1
    Red Hat Red Hat OpenShift Builds 1.7.3     cpe:/a:redhat:openshift_builds:1.7::el9
    Red Hat Red Hat OpenShift Builds 1.8.0     cpe:/a:redhat:openshift_builds:1.8::el9
    Red Hat Red Hat OpenShift Pipelines 1.21     cpe:/a:redhat:openshift_pipelines:1.21::el9
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40938",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-22T18:31:54.871943Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-22T18:36:16.790Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.7::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.7.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.8::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.8.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1.21::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Pipelines 1.21",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-21T20:45:24.658Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Tekton Pipelines, a system for declaring continuous integration/continuous delivery (CI/CD) pipelines. An authenticated user, able to submit `ResolutionRequest` objects, can exploit a vulnerability by injecting malicious commands into the git resolver\u0027s revision parameter. This allows for the execution of unauthorized programs on the resolver pod. Successful exploitation can lead to the exfiltration of all cluster-wide secrets, resulting in significant information disclosure."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-88",
                    "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:05:58.492Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-40938"
              },
              {
                "name": "RHBZ#2460292",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460292"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40938.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24359"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17546"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26538"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26519"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24484"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24359: Red Hat OpenShift Builds 1.7.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17546: Red Hat OpenShift Builds 1.8.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26538: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26519: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24484: Red Hat OpenShift Pipelines 1.21"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-21T21:02:16.557Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-21T20:45:24.658Z",
                "value": "Made public."
              }
            ],
            "title": "github.com/tektoncd/pipeline: Tekton Pipelines: Arbitrary code execution and secret exfiltration via malicious git commands",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver\u0027s revision parameter is passed directly as a positional argument to git fetch without any validation that it does not begin with a - character. Because git parses flags from mixed positional arguments, an attacker can inject arbitrary git fetch flags such as --upload-pack=\u003cbinary\u003e. Combined with the validateRepoURL function explicitly permitting URLs that begin with / (local filesystem paths), a tenant who can submit ResolutionRequest objects can chain these two behaviors to execute an arbitrary binary on the resolver pod. The tekton-pipelines-resolvers ServiceAccount holds cluster-wide get/list/watch on all Secrets, so code execution on the resolver pod enables full cluster-wide secret exfiltration. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-88",
                  "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-21T22:40:09.754Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"
            }
          ],
          "source": {
            "advisory": "GHSA-94jr-7pqp-xhcq",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40938",
        "datePublished": "2026-04-21T20:45:24.658Z",
        "dateReserved": "2026-04-15T20:40:15.518Z",
        "dateUpdated": "2026-06-30T12:05:58.492Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40161 (GCVE-0-2026-40161)

    Vulnerability from cvelistv5 – Published: 2026-04-21 16:26 – Updated: 2026-05-21 21:20
    Title
    Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL when the user omits the token parameter. A tenant with TaskRun or PipelineRun create permission can exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 1.0.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40161",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-21T17:41:32.164689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-21T17:41:38.895Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL when the user omits the token parameter. A tenant with TaskRun or PipelineRun create permission can exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-21T21:20:13.227Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-wjxp-xrpv-xpff",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-wjxp-xrpv-xpff"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/issues/9608",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/issues/9608"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/issues/9609",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/issues/9609"
            }
          ],
          "source": {
            "advisory": "GHSA-wjxp-xrpv-xpff",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40161",
        "datePublished": "2026-04-21T16:26:27.381Z",
        "dateReserved": "2026-04-09T19:31:56.014Z",
        "dateUpdated": "2026-05-21T21:20:13.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25542 (GCVE-0-2026-25542)

    Vulnerability from cvelistv5 – Published: 2026-04-21 16:05 – Updated: 2026-05-22 16:06
    Title
    Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string (refSource.URI) against spec.resources[].pattern using regexp.MatchString. In Go, regexp.MatchString reports a match if the pattern matches anywhere in the string, so common unanchored patterns (including examples in tekton documentation) can be bypassed by attacker-controlled source strings that contain the trusted pattern as a substring. This can cause an unintended policy match and change which verification mode/keys apply. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-185 - Incorrect Regular Expression
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 0.43.0, < 1.0.2
    Affected: >= 1.2.0, < 1.3.4
    Affected: >= 1.4.0, < 1.6.2
    Affected: >= 1.7.0, < 1.9.3
    Affected: >= 1.10.0, < 1.11.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25542",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-21T16:48:04.873157Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-21T16:48:15.671Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.43.0, \u003c 1.0.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.2.0, \u003c 1.3.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string (refSource.URI) against spec.resources[].pattern using regexp.MatchString. In Go, regexp.MatchString reports a match if the pattern matches anywhere in the string, so common unanchored patterns (including examples in tekton documentation) can be bypassed by attacker-controlled source strings that contain the trusted pattern as a substring. This can cause an unintended policy match and change which verification mode/keys apply. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-185",
                  "description": "CWE-185: Incorrect Regular Expression",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T16:06:24.202Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rmx9-2pp3-xhcr",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-rmx9-2pp3-xhcr"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/b8905600322aa86327baae0a7c04d6cf1207362a",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/b8905600322aa86327baae0a7c04d6cf1207362a"
            }
          ],
          "source": {
            "advisory": "GHSA-rmx9-2pp3-xhcr",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-25542",
        "datePublished": "2026-04-21T16:05:43.217Z",
        "dateReserved": "2026-02-02T19:59:47.375Z",
        "dateUpdated": "2026-05-22T16:06:24.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33211 (GCVE-0-2026-33211)

    Vulnerability from cvelistv5 – Published: 2026-03-23 23:55 – Updated: 2026-06-30 12:07
    Title
    Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    References
    URL Tags
    https://github.com/tektoncd/pipeline/security/adv… x_refsource_CONFIRM
    https://github.com/tektoncd/pipeline/commit/10fa5… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/31800… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/3ca7b… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/96138… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/b1fee… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/cdb4e… x_refsource_MISC
    https://github.com/tektoncd/pipeline/commit/ec775… x_refsource_MISC
    https://access.redhat.com/security/cve/CVE-2026-33211 vdb-entry, x_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2450554 issue-tracking, x_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:10155 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10158 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:6170 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:6166 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24484 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10066 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21932 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21931 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10026 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10125 vendor-advisory, x_refsource_REDHAT
    Impacted products
    Vendor | Product | Version
    tektoncd | pipeline | Affected: >= 1.0.0, < 1.0.1
    tektoncd | pipeline | Affected: >= 1.1.0, < 1.3.3
    tektoncd | pipeline | Affected: >= 1.4.0, < 1.6.1
    tektoncd | pipeline | Affected: >= 1.7.0, < 1.9.2
    tektoncd | pipeline | Affected: >= 1.10.0, < 1.10.2
    Red Hat | Red Hat OpenShift Builds 1.6.5 | cpe:/a:redhat:openshift_builds:1.6::el9
    Red Hat | Red Hat OpenShift Builds 1.7.3 | cpe:/a:redhat:openshift_builds:1.7::el9
    Red Hat | Red Hat OpenShift Pipelines 1.21 | cpe:/a:redhat:openshift_pipelines:1.21::el9
    Red Hat | Red Hat OpenShift Pipelines 1.2 | cpe:/a:redhat:openshift_pipelines:1.20::el9
    Red Hat | Red Hat Trusted Artifact Signer 1.3 | cpe:/a:redhat:trusted_artifact_signer:1.3::el9
    Red Hat | OpenShift Pipelines | cpe:/a:redhat:openshift_pipelines:1
    Red Hat | OpenShift Serverless | cpe:/a:redhat:serverless:1
    Red Hat | Builds for Red Hat OpenShift | cpe:/a:redhat:openshift_builds:1
    Red Hat | Red Hat OpenShift AI (RHOAI) | cpe:/a:redhat:openshift_ai
    Red Hat | Red Hat OpenShift Virtualization 4 | cpe:/a:redhat:container_native_virtualization:4

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33211",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-24T15:40:21.314239Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-24T15:41:02.198Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.6.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.7::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.7.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1.21::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Pipelines 1.21",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1.20::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Pipelines 1.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer 1.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Builds for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-23T23:55:54.089Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Tekton Pipelines, specifically in the Tekton Pipelines git resolver. A tenant with permissions to create ResolutionRequests can exploit a path traversal vulnerability via the `pathInRepo` parameter. This allows the tenant to read arbitrary files from the resolver pod\u0027s filesystem, leading to information disclosure, including sensitive ServiceAccount tokens. The contents of these files are returned in a base64-encoded format."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 9.6,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-22",
                    "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:37.319Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33211"
              },
              {
                "name": "RHBZ#2450554",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450554"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33211.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10155"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10158"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6170"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6166"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24484"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10066"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21932"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21931"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10026"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10125"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:10155: Red Hat OpenShift Builds 1.6.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10158: Red Hat OpenShift Builds 1.7.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:6170: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:6166: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24484: Red Hat OpenShift Pipelines 1.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10066: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21932: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21931: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10026: Red Hat OpenShift Pipelines 1.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10125: Red Hat Trusted Artifact Signer 1.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-24T00:02:20.093Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-23T23:55:54.089Z",
                "value": "Made public."
              }
            ],
            "title": "Tekton Pipelines: github.com/tektoncd/pipeline: Tekton Pipelines: Information disclosure via path traversal in git resolver",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, restrict the creation of ResolutionRequests to trusted users and service accounts. Implement strict Role-Based Access Control (RBAC) policies to limit which tenants can create TaskRuns or PipelineRuns that utilize the Tekton Pipelines git resolver. This reduces the exposure by preventing unauthorized access to the resolver pod\u0027s filesystem."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.0, \u003c 1.0.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.1.0, \u003c 1.3.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod\u0027s filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-23T23:55:54.089Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/318006c4e3a5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/318006c4e3a5"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78"
            }
          ],
          "source": {
            "advisory": "GHSA-j5q5-j9gm-2w5c",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-33211",
        "datePublished": "2026-03-23T23:55:54.089Z",
        "dateReserved": "2026-03-17T23:23:58.313Z",
        "dateUpdated": "2026-06-30T12:07:37.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33022 (GCVE-0-2026-33022)

    Vulnerability from cvelistv5 – Published: 2026-03-20 07:48 – Updated: 2026-03-20 18:07
    Title
    Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability that allows any user who can create a TaskRun or PipelineRun to crash the controller cluster-wide by setting .spec.taskRef.resolver (or .spec.pipelineRef.resolver) to a string of 31+ characters. The crash occurs because GenerateDeterministicNameFromSpec produces a name exceeding the 63-character DNS-1123 label limit, and its truncation logic panics on a [-1] slice bound since the generated name contains no spaces. Once crashed, the controller enters a CrashLoopBackOff on restart (as it re-reconciles the offending resource), blocking all CI/CD reconciliation until the resource is manually deleted. Built-in resolvers (git, cluster, bundles, hub) are unaffected due to their short names, but any custom resolver name triggers the bug. The fix truncates the resolver-name prefix instead of the full string, preserving the hash suffix for determinism and uniqueness. This issue has been patched in versions 1.0.1, 1.3.3, 1.6.1, 1.9.2 and 1.10.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-129 - Improper Validation of Array Index
    Impacted products
    Vendor | Product | Version
    tektoncd | pipeline | Affected: >= 0.60.0, < 1.0.1
    tektoncd | pipeline | Affected: >= 1.1.0, < 1.3.3
    tektoncd | pipeline | Affected: >= 1.4.0, < 1.6.1
    tektoncd | pipeline | Affected: >= 1.7.0, < 1.9.2
    tektoncd | pipeline | Affected: >= 1.10.0, < 1.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-20T16:22:10.536063Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-20T18:07:35.331Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.60.0, \u003c 1.0.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.1.0, \u003c 1.3.3"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.4.0, \u003c 1.6.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.7.0, \u003c 1.9.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 1.10.0, \u003c 1.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability in that allows any user who can create a TaskRun or PipelineRun to crash the controller cluster-wide by setting .spec.taskRef.resolver (or .spec.pipelineRef.resolver) to a string of 31+ characters. The crash occurs because GenerateDeterministicNameFromSpec produces a name exceeding the 63-character DNS-1123 label limit, and its truncation logic panics on a [-1] slice bound since the generated name contains no spaces. Once crashed, the controller enters a CrashLoopBackOff on restart (as it re-reconciles the offending resource), blocking all CI/CD reconciliation until the resource is manually deleted. Built-in resolvers (git, cluster, bundles, hub) are unaffected due to their short names, but any custom resolver name triggers the bug. The fix truncates the resolver-name prefix instead of the full string, preserving the hash suffix for determinism and uniqueness. This issue has been patched in versions 1.0.1, 1.3.3, 1.6.1, 1.9.2 and 1.10.2."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-129",
                  "description": "CWE-129: Improper Validation of Array Index",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-20T07:48:15.383Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-cv4x-93xx-wgfj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-cv4x-93xx-wgfj"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/commit/5eead3f859b9f938e86039e4d29185092c1d4ee6",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/commit/5eead3f859b9f938e86039e4d29185092c1d4ee6"
            }
          ],
          "source": {
            "advisory": "GHSA-cv4x-93xx-wgfj",
            "discovery": "UNKNOWN"
          },
          "title": "Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-33022",
        "datePublished": "2026-03-20T07:48:15.383Z",
        "dateReserved": "2026-03-17T17:22:14.667Z",
        "dateUpdated": "2026-03-20T18:07:35.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-37264 (GCVE-0-2023-37264)

    Vulnerability from cvelistv5 – Published: 2023-07-07 16:23 – Updated: 2024-11-04 20:23
    Title
    Pipelines do not validate child UIDs
    Summary
    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun's (api version, kind, name, uid) in the child Run's OwnerReference, it only stores (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one's Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    Impacted products
    Vendor Product Version
    tektoncd pipeline Affected: >= 0.35.0, <= 0.49.0
    tektoncd pipeline Affected: 0.35.0, ≤ 0.49.0 (custom)
        cpe:2.3:a:tektoncd:pipeline:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:09:33.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53"
              },
              {
                "name": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372"
              },
              {
                "name": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tektoncd:pipeline:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pipeline",
                "vendor": "tektoncd",
                "versions": [
                  {
                    "lessThanOrEqual": "0.49.0",
                    "status": "affected",
                    "version": "0.35.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37264",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-04T20:21:12.184314Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T20:23:21.819Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pipeline",
              "vendor": "tektoncd",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 0.35.0, \u003c= 0.49.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun\u0027s (api version, kind, name, uid) in the child Run\u0027s OwnerReference, it only store (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345: Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-07T18:30:38.979Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53"
            },
            {
              "name": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372"
            },
            {
              "name": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference"
            }
          ],
          "source": {
            "advisory": "GHSA-w2h3-vvvq-3m53",
            "discovery": "UNKNOWN"
          },
          "title": "Pipelines do not validate child UIDs"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-37264",
        "datePublished": "2023-07-07T16:23:09.866Z",
        "dateReserved": "2023-06-29T19:35:26.438Z",
        "dateUpdated": "2024-11-04T20:23:21.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }