Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod
Summary
| CVE | CVE-2026-33211 |
|---|---|
| State | PUBLISHED |
| Assigner | GitHub_M |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-03-24 00:16:29 UTC |
| Updated | 2026-07-09 13:16:58 UTC |
| Description | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch. |
Risk And Classification
Primary CVSS: v3.1 9.6 CRITICAL from [email protected]
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Problem Types: CWE-22 | CWE-22 CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
| 3.1 | ADP | CVSS | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
| 3.1 | [email protected] | Secondary | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
| 3.1 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | Secondary | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
| 3.1 | CNA | DECLARED | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
CVSS v3.1 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Linuxfoundation | Tekton Pipelines | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Tektoncd | Pipeline | affected >= 1.0.0, < 1.0.1 | Not specified |
| CNA | Tektoncd | Pipeline | affected >= 1.1.0, < 1.3.3 | Not specified |
| CNA | Tektoncd | Pipeline | affected >= 1.4.0, < 1.6.1 | Not specified |
| CNA | Tektoncd | Pipeline | affected >= 1.7.0, < 1.9.2 | Not specified |
| CNA | Tektoncd | Pipeline | affected >= 1.10.0, < 1.10.2 | Not specified |
| ADP | Red Hat | Red Hat OpenShift Builds 1.6.5 | Not specified | Not specified |
| ADP | Red Hat | Red Hat OpenShift Builds 1.7.4 | Not specified | Not specified |
| ADP | Red Hat | Red Hat OpenShift Pipelines 1.21 | Not specified | Not specified |
| ADP | Red Hat | Red Hat OpenShift Pipelines 1.2 | Not specified | Not specified |
| ADP | Red Hat | Red Hat Trusted Artifact Signer 1.3 | Not specified | Not specified |
| ADP | Red Hat | OpenShift Pipelines | Not specified | Not specified |
| ADP | Red Hat | OpenShift Serverless | Not specified | Not specified |
| ADP | Red Hat | Builds For Red Hat OpenShift | Not specified | Not specified |
| ADP | Red Hat | Red Hat OpenShift AI RHOAI | Not specified | Not specified |
| ADP | Red Hat | Red Hat OpenShift Virtualization 4 | Not specified | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| access.redhat.com/errata/RHSA-2026:10125 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:24484 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c | [email protected] | github.com | Patch, Vendor Advisory |
| github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf02... | [email protected] | github.com | Patch |
| access.redhat.com/errata/RHSA-2026:21932 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:10155 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:10066 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9... | [email protected] | github.com | Patch |
| github.com/tektoncd/pipeline/commit/318006c4e3a5 | [email protected] | github.com | Patch |
| access.redhat.com/errata/RHSA-2026:10158 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:6170 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a... | [email protected] | github.com | Patch |
| github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9... | [email protected] | github.com | Patch |
| access.redhat.com/errata/RHSA-2026:21931 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107b... | [email protected] | github.com | Patch |
| security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33211.json | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | security.access.redhat.com | |
| github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34... | [email protected] | github.com | Patch |
| access.redhat.com/security/cve/CVE-2026-33211 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:6166 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:10026 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| bugzilla.redhat.com/show_bug.cgi | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | bugzilla.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| ADP | 2026-03-24T00:02:20.093Z | Reported to Red Hat. |
| ADP | 2026-03-23T23:55:54.089Z | Made public. |
Solutions
ADP: RHSA-2026:10155: Red Hat OpenShift Builds 1.6.5
ADP: RHSA-2026:10158: Red Hat OpenShift Builds 1.7.4
ADP: RHSA-2026:6170: Red Hat OpenShift Pipelines 1.21
ADP: RHSA-2026:6166: Red Hat OpenShift Pipelines 1.21
ADP: RHSA-2026:24484: Red Hat OpenShift Pipelines 1.21
ADP: RHSA-2026:10066: Red Hat OpenShift Pipelines 1.2
ADP: RHSA-2026:21932: Red Hat OpenShift Pipelines 1.2
ADP: RHSA-2026:21931: Red Hat OpenShift Pipelines 1.2
ADP: RHSA-2026:10026: Red Hat OpenShift Pipelines 1.2
ADP: RHSA-2026:10125: Red Hat Trusted Artifact Signer 1.3
Workarounds
ADP: To mitigate this vulnerability, restrict the creation of ResolutionRequests to trusted users and service accounts. Implement strict Role-Based Access Control (RBAC) policies to limit which tenants can create TaskRuns or PipelineRuns that utilize the Tekton Pipelines git resolver. This reduces the exposure by preventing unauthorized access to the resolver pod's filesystem.