Description
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL when the user omits the token parameter. A tenant with TaskRun or PipelineRun create permission can exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint.
Published: 2026-04-21
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Exfiltration of privileged API token via a user-controlled serverURL
Action: Immediate Patch
AI Analysis

Impact

The vulnerability occurs when the Git resolver in Tekton Pipelines operates in API mode and the user omits the token parameter. Under these conditions the resolver sends the system-configured Git API token (such as a GitHub personal access token or a GitLab token) to the serverURL supplied by the user. This is an unintended information exposure (CWE-201): an attacker who controls the serverURL obtains a credential that is trusted to perform actions on the developer's behalf, which can lead to downstream compromise of source-code repositories or other services that rely on the token.

Affected Systems

The flaw affects Tekton Pipelines versions 1.0.0 through 1.10.0. A tenant with permission to create a TaskRun or PipelineRun can exploit it by directing the resolver to an attacker-controlled endpoint, which then receives the API token.

Risk and Exploitability

The CVSS score of 7.7 indicates high severity for affected users. Although the EPSS score is not publicly available and the vulnerability is not listed in the CISA KEV catalog, exploitation requires cluster access with permission to create a run together with control of the serverURL parameter. An attacker with those permissions can directly exfiltrate the token, gaining unauthorized access to Git services. Exploitation is straightforward for an internal attacker; an external attacker would first need a foothold with sufficient permissions.
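As an added defensive check, not part of this advisory or of the Tekton project, the script below audits exported TaskRun and PipelineRun objects for the condition described above: a git-resolver reference that sets its own serverURL but supplies no token, which on a vulnerable version makes the resolver fall back to the system-configured token. The parameter names serverURL and token are taken from the advisory; url, org, repo and pathInRepo, the {"name", "value"} parameter layout and the taskRef/pipelineRef placement are assumed to follow Tekton's resolver reference format, and the sample run objects are constructed for the example.

```python
"""Audit Tekton runs for git-resolver references that match the
CVE-2026-40161 leak condition: a caller-chosen serverURL with no per-run token.

Added example, not Tekton project code. ``serverURL`` and ``token`` are from the
advisory; ``url``/``org``/``repo``/``pathInRepo`` and the object layout are
assumed to match Tekton's resolver reference format. With a file argument it
reads the ``items`` list of ``kubectl get taskruns,pipelineruns -A -o json``.
"""
import json
import sys


def _iter_resolver_refs(obj):
    """Recursively yield every mapping with a ``resolver`` key, so spec.taskRef,
    spec.pipelineRef and tasks embedded in a pipelineSpec are all covered."""
    if isinstance(obj, dict):
        if "resolver" in obj:
            yield obj
        for value in obj.values():
            yield from _iter_resolver_refs(value)
    elif isinstance(obj, list):
        for item in obj:
            yield from _iter_resolver_refs(item)


def _params_to_dict(params):
    """Flatten Tekton's [{"name": ..., "value": ...}, ...] list into a dict."""
    return {p["name"]: p.get("value") for p in params if isinstance(p, dict) and "name" in p}


def find_token_leak_candidates(runs, trusted_server_urls=()):
    """Return (kind, namespace, name, serverURL) for each git-resolver reference
    that points at a serverURL outside ``trusted_server_urls`` without a token.
    A missing ``token`` is exactly the condition under which a vulnerable
    resolver sends the shared, system-configured token to that serverURL."""
    findings = []
    for run in runs:
        meta = run.get("metadata", {})
        for ref in _iter_resolver_refs(run.get("spec", {})):
            if ref.get("resolver") != "git":
                continue
            params = _params_to_dict(ref.get("params", []))
            server_url = params.get("serverURL")
            if not server_url or server_url in trusted_server_urls:
                continue  # default server, or an allow-listed one
            if params.get("token"):
                continue  # run brings its own Secret; the shared token is not used
            findings.append((run.get("kind"), meta.get("namespace"), meta.get("name"), server_url))
    return findings


# Constructed sample objects (not real cluster data) in the shape kubectl emits.
SAMPLE_RUNS = [
    {   # custom serverURL, no token: the advisory's leak condition
        "kind": "TaskRun",
        "metadata": {"name": "fetch-from-untrusted", "namespace": "tenant-a"},
        "spec": {"taskRef": {"resolver": "git", "params": [
            {"name": "url", "value": "https://untrusted-host.example/org/repo.git"},
            {"name": "serverURL", "value": "https://untrusted-host.example"},
            {"name": "pathInRepo", "value": "task.yaml"}]}},
    },
    {   # custom serverURL but the run names its own token Secret: not the leak case
        "kind": "TaskRun",
        "metadata": {"name": "fetch-with-own-token", "namespace": "tenant-b"},
        "spec": {"taskRef": {"resolver": "git", "params": [
            {"name": "serverURL", "value": "https://gitlab.internal.example"},
            {"name": "token", "value": "tenant-b-git-token"},
            {"name": "pathInRepo", "value": "task.yaml"}]}},
    },
    {   # embedded pipelineSpec whose task uses the default (configured) server
        "kind": "PipelineRun",
        "metadata": {"name": "nightly", "namespace": "platform"},
        "spec": {"pipelineSpec": {"tasks": [{"name": "build", "taskRef": {
            "resolver": "git", "params": [
                {"name": "org", "value": "example-org"},
                {"name": "repo", "value": "catalog"},
                {"name": "pathInRepo", "value": "build.yaml"}]}}]}},
    },
    {   # pipelineRef at an allow-listed serverURL, no token: flagged only if not trusted
        "kind": "PipelineRun",
        "metadata": {"name": "release", "namespace": "platform"},
        "spec": {"pipelineRef": {"resolver": "git", "params": [
            {"name": "serverURL", "value": "https://api.github.com"},
            {"name": "org", "value": "example-org"},
            {"name": "repo", "value": "catalog"},
            {"name": "pathInRepo", "value": "release.yaml"}]}},
    },
]


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            runs = json.load(fh).get("items", [])
    else:
        runs = SAMPLE_RUNS
    trusted = {"https://api.github.com"}  # replace with the platform's configured server(s)
    for kind, ns, name, url in find_token_leak_candidates(runs, trusted):
        print(f"{kind} {ns}/{name}: git resolver serverURL={url} set without a token param")
```

Run it against the sample to see only fetch-from-untrusted reported; pass an empty trusted set to also surface runs that name the platform's own server explicitly, which is useful while confirming what the configured default actually is. Flagged runs are candidates to review, not proof of exfiltration: whether the shared token was actually sent depends on the resolver running in API mode on an affected version.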

Generated by OpenCVE AI on April 21, 2026 at 22:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Tekton Pipelines to the latest stable release, in which the Git resolver no longer transmits the system-configured token when the token field is omitted.
  • Restrict RBAC so that only trusted users can create PipelineRun or TaskRun resources, limiting who can supply an arbitrary serverURL.
  • Enforce network policies or firewall rules that block outbound traffic from Tekton resolver pods to unknown external endpoints, so that credentials cannot reach attacker-controlled servers.

Advisories
Source: GitHub GHSA
ID: GHSA-wjxp-xrpv-xpff
Title: Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL
History

Wed, 22 Apr 2026 00:00:00 +0000

Type: First Time appeared
Values Added: Tektoncd; Tektoncd pipeline

Type: Vendors & Products
Values Added: Tektoncd; Tektoncd pipeline

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 21 Apr 2026 16:45:00 +0000

Type: Description
Values Added: Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL when the user omits the token parameter. A tenant with TaskRun or PipelineRun create permission can exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint.

Type: Title
Values Added: Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL

Type: Weaknesses
Values Added: CWE-201

Type: References
Values Added:

Type: Metrics (cvssV3_1)
Values Added: {'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-21T17:41:38.895Z

Reserved: 2026-04-09T19:31:56.014Z

Link: CVE-2026-40161

Vulnrichment

Updated: 2026-04-21T17:41:34.381Z

NVD

Status: Awaiting Analysis

Published: 2026-04-21T17:16:53.790

Modified: 2026-04-22T21:24:26.997

Link: CVE-2026-40161

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T22:45:16Z

Weaknesses