Vulnerabilidades en tektoncd
8 resultadosCVE-2026-40938HIGHTekton Pipelines: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCEEPSS 0.5%CVE-2026-33211CRITICALTekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver podEPSS 0.5%CVE-2026-33022MEDIUMTekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRunEPSS 0.4%CVE-2026-40924MEDIUMTekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory ExhaustionEPSS 0.3%CVE-2023-37264LOWPipelines do not validate child UIDsEPSS 0.3%CVE-2026-25542MEDIUMTekton Pipelines: VerificationPolicy regex pattern bypass via substring matchingEPSS 0.3%CVE-2026-40161HIGHTekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURLEPSS 0.3%CVE-2026-40923MEDIUMTekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ checkEPSS 0.2%