Product
The Tekton Pipeline Git Resolver is vulnerable to git argument injection due to the unsanitized `revision` parameter in the `git fetch` command, allowing remote code execution on the resolver pod and cluster-wide secret exfiltration.