https://feed.craftedsignal.io/tags/tekton/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 22 Apr 2026 12:00:00 +0000https://feed.craftedsignal.io/briefs/2026-04-tekton-api-token-leak/Wed, 22 Apr 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-tekton-api-token-leak/The Tekton Pipelines git resolver in API mode leaks the system-configured Git API token to a user-controlled `serverURL` when the user omits the `token` parameter, allowing an attacker with TaskRun or PipelineRun creation permissions to exfiltrate the shared API token.A vulnerability exists in Tekton Pipelines’ git resolver (versions v1.0.0 through v1.10.0) where the system-configured Git API token is sent to a user-controlled serverURL when the user omits the token parameter. This allows a malicious tenant with TaskRun or PipelineRun create permissions to exfiltrate the shared API token (GitHub PAT, GitLab token, etc.) by pointing serverURL to an attacker-controlled endpoint. The attacker can then use this token to gain unauthorized access to private repositories, potentially exposing source code, secrets, and CI/CD configurations. This vulnerability is similar to GHSA-j5q5-j9gm-2w5c, where credentials could be exfiltrated. The vulnerability resides in the ResolveAPIGit() function within pkg/resolution/resolver/git/resolver.go.

Attack Chain

1. Attacker gains permission to create TaskRuns or PipelineRuns within a Tekton Pipelines namespace.
2. Attacker crafts a malicious TaskRun or PipelineRun configuration.
3. The configuration specifies the git resolver in API mode.
4. The configuration omits the token parameter but includes a serverURL pointing to an attacker-controlled endpoint.
5. Tekton Pipelines executes the TaskRun or PipelineRun, triggering the git resolver.
6. The ResolveAPIGit() function retrieves the system-configured Git API token using getAPIToken().
7. The function creates an SCM client pointed at the attacker-controlled serverURL with the system token as an Authorization header.
8. Subsequent API calls from the resolver to the attacker-controlled URL transmit the system token, allowing the attacker to capture it.

Impact

Successful exploitation allows an attacker to exfiltrate the system Git API token (GitHub PAT, GitLab token, etc.). The exfiltrated token can be used to access private repositories, potentially leading to the exposure of sensitive information like source code, secrets, and CI/CD configurations. This can lead to supply chain compromise, data breaches, or other unauthorized activities. All Tekton Pipeline instances running versions v1.0.0 through v1.10.0 are potentially vulnerable if a system-level API token is configured.

Recommendation

• Do not configure a system-level API token in the git resolver ConfigMap. Instead, require all users to provide their own tokens via the token parameter, as suggested in the advisory’s workaround section.
• Restrict TaskRun creation to limit which users or ServiceAccounts can create TaskRuns and PipelineRuns that use the git resolver, as recommended in the advisory’s workaround section.
• Apply NetworkPolicy to the tekton-pipelines-resolvers namespace to restrict outbound traffic to known-good Git servers only, mitigating the risk of token exfiltration to arbitrary serverURL values.

]]>highadvisorytektongitcredential-accessapi-tokenhttps://feed.craftedsignal.io/briefs/2026-04-tekton-credential-leak/Wed, 22 Apr 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-tekton-credential-leak/Tekton Pipelines versions 1.0.0 to 1.10.0 are vulnerable to credential access, where the Git resolver in API mode transmits the system-configured Git API token to a user-controlled serverURL, enabling token exfiltration via a malicious server.Tekton Pipelines, a Kubernetes-style resource for declaring CI/CD pipelines, contains a vulnerability (CVE-2026-40161) in its git resolver component. Specifically, versions 1.0.0 to 1.10.0 are affected. When operating in API mode, the resolver inadvertently sends the system-configured Git API token (e.g., GitHub PAT, GitLab token) to a server specified by the user if the token parameter is omitted. This allows an attacker with TaskRun or PipelineRun creation privileges to exfiltrate the shared API token by directing the serverURL to an attacker-controlled endpoint. The vulnerability allows for the potential compromise of CI/CD pipelines and related infrastructure.

Attack Chain

1. An attacker gains access to a Kubernetes tenant with permissions to create TaskRun or PipelineRun resources within Tekton Pipelines.
2. The attacker crafts a malicious TaskRun or PipelineRun configuration.
3. The configuration leverages the Tekton Pipelines git resolver in API mode.
4. The attacker omits the token parameter in the git resolver configuration, forcing the system to use the system-configured Git API token.
5. The attacker sets the serverURL parameter to an attacker-controlled endpoint.
6. Tekton Pipelines, upon execution of the TaskRun or PipelineRun, sends the system-configured Git API token to the attacker-controlled serverURL.
7. The attacker’s server logs and captures the leaked Git API token.
8. The attacker uses the exfiltrated token to access and potentially compromise Git repositories or other services authenticated by the token.

Impact

Successful exploitation of CVE-2026-40161 allows an attacker to steal the system-configured Git API token used by Tekton Pipelines. This could lead to unauthorized access to Git repositories, the modification of code, and the potential compromise of the entire CI/CD pipeline. Given Tekton’s widespread adoption, a successful attack could affect numerous organizations using the vulnerable versions.

Recommendation

• Upgrade Tekton Pipelines to a version greater than 1.10.0 to remediate CVE-2026-40161.
• Implement strict access controls within the Kubernetes cluster to limit TaskRun and PipelineRun creation privileges to authorized users only.
• Monitor network traffic originating from Tekton Pipeline pods for connections to unusual or untrusted serverURL destinations as specified in CVE-2026-40161. Create a network connection rule for this.
• Review Tekton Pipeline configurations for suspicious serverURL parameters using a file monitoring rule.

]]>highadvisorytektoncredential-accesscve-2026-40161https://feed.craftedsignal.io/briefs/2026-03-tekton-traversal/Tue, 24 Mar 2026 00:16:29 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-tekton-traversal/The Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter, allowing arbitrary file reads from the resolver pod's filesystem, including ServiceAccount tokens.The Tekton Pipelines project provides Kubernetes-style resources for declaring CI/CD pipelines. A path traversal vulnerability exists in the git resolver component, tracked as CVE-2026-33211. This vulnerability affects Tekton Pipelines versions 1.0.0 and prior to 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2. An attacker with the ability to create ResolutionRequests (e.g., through TaskRuns or PipelineRuns that utilize the git resolver) can exploit this flaw to read any file from the resolver pod’s file system. A successful exploit allows attackers to retrieve sensitive information, such as ServiceAccount tokens, which are base64-encoded and returned in resolutionrequest.status.data. The vulnerability has been patched in versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2. This poses a significant risk in multi-tenant environments where lateral movement and privilege escalation are possible.

Attack Chain

1. An attacker gains the ability to create TaskRuns or PipelineRuns within a Tekton Pipelines environment.
2. The attacker crafts a malicious ResolutionRequest that leverages the git resolver.
3. Within the ResolutionRequest, the attacker injects a path traversal sequence into the pathInRepo parameter, such as “../../../../etc/passwd”.
4. The git resolver attempts to resolve the resource using the provided path.
5. Due to the path traversal vulnerability, the resolver accesses the file specified by the attacker on the resolver pod’s file system.
6. The contents of the accessed file are read by the resolver.
7. The resolver encodes the file content in base64.
8. The base64-encoded content is returned in the resolutionrequest.status.data field, allowing the attacker to retrieve the content. This can include sensitive files such as ServiceAccount tokens.

Impact

Successful exploitation of CVE-2026-33211 allows attackers to read arbitrary files from the Tekton Pipelines resolver pod. This can lead to the compromise of sensitive information, including ServiceAccount tokens. If ServiceAccount tokens are compromised, attackers can potentially gain unauthorized access to Kubernetes resources, leading to privilege escalation, lateral movement within the cluster, and potential data exfiltration. The impact is especially high in multi-tenant environments.

Recommendation

• Upgrade Tekton Pipelines to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, or 1.10.2 or later to patch CVE-2026-33211.
• Implement strict RBAC policies to limit the ability to create TaskRuns and PipelineRuns to only authorized users and service accounts.
• Monitor Kubernetes API audit logs for suspicious ResolutionRequest creation events (see rule: “Detect Suspicious ResolutionRequest Creation”).
• Implement network policies to restrict network access from the resolver pod to only necessary resources.

]]>criticaladvisorytektonpath-traversalkubernetescve-2026-33211cloud