PT-2026-34180 · Unknown · Tekton Pipelines

Kodareef5 · Published 2026-04-21 · Updated 2026-04-28 · CVE-2026-40938

CVSS v3.1: 8.5 (High)
Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Tekton Pipelines versions 1.0.0 through 1.10.x

Description: The git resolver fails to validate the revision parameter, which is passed directly as a positional argument to the git fetch command. This allows an attacker to inject arbitrary flags, such as --upload-pack=<binary>. Additionally, the validateRepoURL function permits URLs starting with /, allowing local filesystem paths. A tenant capable of submitting ResolutionRequest objects can combine these behaviors to execute arbitrary binaries on the resolver pod. Because the tekton-pipelines-resolvers ServiceAccount possesses cluster-wide get, list, and watch permissions on all Secrets, this can lead to full cluster-wide secret exfiltration.

Recommendations: Update to version 1.11.1.
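As an added defender-side illustration, not Tekton's code or its actual fix, the Go snippet below shows the two input checks the description implies are missing (refusing a revision that begins with "-" and refusing repository URLs that are local filesystem paths) and then places "--" before the positional arguments handed to git fetch. Function names, error names and the example URLs are assumptions.

```go
package main

import (
	"errors"
	"net/url"
	"strings"
)

// Sentinel errors for the two validation failures the advisory describes.
var (
	ErrFlagLikeRevision = errors.New("revision must not start with '-'")
	ErrLocalRepoPath    = errors.New("repository must be a remote http(s)/ssh/git URL")
)

// CheckRevision rejects an empty revision and any revision git would parse as an option.
func CheckRevision(rev string) error {
	if rev == "" || strings.HasPrefix(rev, "-") {
		return ErrFlagLikeRevision
	}
	return nil
}

// CheckRepoURL allows only remote URLs with a host; "/..." and file: paths are refused
// (scp-style "git@host:path" syntax is deliberately not handled in this illustration).
func CheckRepoURL(raw string) error {
	if strings.HasPrefix(raw, "/") || strings.HasPrefix(raw, "file:") {
		return ErrLocalRepoPath
	}
	u, err := url.Parse(raw)
	if err != nil || u.Host == "" {
		return ErrLocalRepoPath
	}
	switch u.Scheme {
	case "https", "http", "ssh", "git":
		return nil
	}
	return ErrLocalRepoPath
}

// FetchArgs builds argv for "git fetch" only after both checks pass, and
// puts "--" before the positional arguments as defence in depth.
func FetchArgs(repo, rev string) ([]string, error) {
	if err := CheckRepoURL(repo); err != nil {
		return nil, err
	}
	if err := CheckRevision(rev); err != nil {
		return nil, err
	}
	return []string{"fetch", "--depth=1", "--", repo, rev}, nil
}
```

The argv returned by FetchArgs is meant to be passed to exec.Command("git", args...), never to a shell.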

Tags: Exploit · Fix · RCE · Argument Injection


Weakness Enumeration

Related Identifiers

CVE-2026-40938
GHSA-94JR-7PQP-XHCQ

Affected Products

Tekton Pipelines