Description
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.
Published: 2026-03-23
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read with potential credential exposure
Action: Patch Immediately
AI Analysis

Impact

Exploitation of the Tekton Pipelines git resolver vulnerability permits an attacker with permission to create ResolutionRequests to perform path traversal through the pathInRepo parameter. This allows reading arbitrary files from the resolver pod's filesystem, including sensitive ServiceAccount tokens. The vulnerability is classified as CWE-22 and can lead to the compromise of credentials and other confidential data.
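The traversal described above comes down to a pathInRepo value that escapes the git checkout directory. As an added example (not Tekton's code or its patch), the Go check below accepts only paths that stay under an assumed checkout root, and an audit helper runs it over constructed ResolutionRequest name/pathInRepo pairs, the kind of review the monitoring recommendation further down the page calls for:

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"sort"
	"strings"
)

var ErrBadPathInRepo = errors.New("pathInRepo must be a relative path inside the repository")

// safeRepoPath joins pathInRepo onto repoRoot and rejects empty or absolute values and
// any ".." that is not cancelled out, so the result always stays under repoRoot. It is
// lexical only: symlinks in the checkout are not resolved, so a caller should refuse to follow them.
func safeRepoPath(repoRoot, pathInRepo string) (string, error) {
	if pathInRepo == "" || filepath.IsAbs(pathInRepo) {
		return "", ErrBadPathInRepo
	}
	root := filepath.Clean(repoRoot)
	full := filepath.Join(root, pathInRepo) // Join cleans, collapsing ".." segments
	rel, err := filepath.Rel(root, full)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrBadPathInRepo
	}
	return full, nil
}

// auditPathInRepo applies the same check to ResolutionRequest name -> pathInRepo pairs
// and returns, sorted, the request names an audit of existing requests should flag.
func auditPathInRepo(repoRoot string, reqs map[string]string) []string {
	var flagged []string
	for name, p := range reqs {
		if _, err := safeRepoPath(repoRoot, p); err != nil {
			flagged = append(flagged, name)
		}
	}
	sort.Strings(flagged)
	return flagged
}

func main() { // constructed sample (assumed checkout root); only the last two entries are flagged
	fmt.Println(auditPathInRepo("/tmp/tekton-git-checkout", map[string]string{
		"build": "tasks/build.yaml", "norm": "tasks/../tasks/test.yaml", "traversal": "../../../etc/passwd", "absolute": "/etc/passwd"}))
}
```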

Affected Systems

The affected product is Tekton CD Pipelines, a Kubernetes-native continuous integration and delivery system. The issue impacts all releases from version 1.0.0 up until the patched releases 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2. Any installation that has not upgraded to one of these patched releases remains vulnerable.

Risk and Exploitability

The CVSS score of 9.6 marks it as critical, while the EPSS score of less than 1% suggests a low likelihood of exploitation in the general population, and it is not listed in the CISA KEV catalog. The attack requires only the ability to submit a ResolutionRequest, a privilege that many cluster users possess. Once such access is available, an attacker can read any file on the resolver pod's filesystem, including identity tokens that enable further lateral movement, making the threat significant in environments where users can create tasks that call the git resolver.

Generated by OpenCVE AI on March 26, 2026 at 17:01 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Tekton Pipelines to a patched release (1.0.1, 1.3.3, 1.6.1, 1.9.2, 1.10.2 or newer) as soon as possible.
  • If immediate upgrade is not possible, restrict the permissions required to create ResolutionRequests so that only trusted users or service accounts can execute the git resolver.
  • Monitor cluster logs for unexpected ResolutionRequest creation or unauthorized file reads.

Advisories

Source: Github GHSA
ID: GHSA-j5q5-j9gm-2w5c
Title: Path traversal in Tekton Pipelines git resolver allows reading arbitrary files from the resolver pod

History

Thu, 26 Mar 2026 15:45:00 +0000
  First Time appeared (added): Linuxfoundation; Linuxfoundation tekton Pipelines
  CPEs (added):
    cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:*
    cpe:2.3:a:linuxfoundation:tekton_pipelines:1.0.0:*:*:*:*:go:*:*
  Vendors & Products (added): Linuxfoundation; Linuxfoundation tekton Pipelines

Wed, 25 Mar 2026 00:15:00 +0000
  References: updated
  Metrics threat_severity: removed None, added Moderate

Tue, 24 Mar 2026 16:15:00 +0000
  Metrics ssvc (added): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 10:45:00 +0000
  First Time appeared (added): Tektoncd; Tektoncd pipeline
  Vendors & Products (added): Tektoncd; Tektoncd pipeline

Tue, 24 Mar 2026 02:30:00 +0000
  Description (added): the text given in the Description section at the top of this page
  Title (added): Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod
  Weaknesses (added): CWE-22
  References: updated
  Metrics cvssV3_1 (added): {'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-24T15:41:02.198Z

Reserved: 2026-03-17T23:23:58.313Z

Link: CVE-2026-33211

Vulnrichment

Updated: 2026-03-24T15:40:51.639Z

NVD

Status: Analyzed

Published: 2026-03-24T00:16:29.320

Modified: 2026-03-26T15:42:12.300

Link: CVE-2026-33211

Redhat

Severity: Moderate

Public Date: 2026-03-23T23:55:54Z

Links: CVE-2026-33211 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-27T09:21:21Z

Weaknesses