Tag
high
advisory
Tekton Pipelines Git Resolver API Token Leak via User-Controlled ServerURL
2 rules, 1 TTP, 1 CVE
The Tekton Pipelines git resolver in API mode leaks the system-configured Git API token to a user-controlled `serverURL` when the user omits the `token` parameter, allowing an attacker with TaskRun or PipelineRun creation permissions to exfiltrate the shared API token.
tekton
git
credential-access
api-token
high
advisory
Tekton Pipelines Git Resolver API Token Leak via ServerURL Manipulation (CVE-2026-40161)
2 rules, 1 TTP, 1 CVE, 4 IOCs
Tekton Pipelines versions 1.0.0 to 1.10.0 are vulnerable to a credential-access issue in which the Git resolver in API mode transmits the system-configured Git API token to a user-controlled `serverURL`, enabling token exfiltration via a malicious server.
tekton
credential-access
cve-2026-40161
critical
advisory
Tekton Pipelines Git Resolver Path Traversal Vulnerability
2 rules, 1 TTP
The Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter, allowing arbitrary file reads from the resolver pod's filesystem, including ServiceAccount tokens.
tekton
path-traversal
kubernetes
cve-2026-33211
cloud