9.6
CRITICAL CVSS 3.1
CVE-2026-33211
Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod
Description

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.

INFO

Published Date :

March 24, 2026, 12:16 a.m.

Last Modified :

June 30, 2026, 3:18 a.m.

Remotely Exploit :

Yes !
Affected Products

The following products are affected by CVE-2026-33211 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linuxfoundation tekton_pipelines
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS 3.1 CRITICAL [email protected]
CVSS 3.1 CRITICAL [email protected]
CVSS 3.1 CRITICAL 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Solution
Update Tekton Pipelines to a patched version to fix path traversal vulnerability.
  • Update Tekton Pipelines to version 1.0.1 or later.
  • Update Tekton Pipelines to version 1.3.3 or later.
  • Update Tekton Pipelines to version 1.6.1 or later.
  • Update Tekton Pipelines to version 1.9.2 or later.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-33211.

URL Resource
https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c Patch
https://github.com/tektoncd/pipeline/commit/318006c4e3a5 Patch
https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd Patch
https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae Patch
https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e Patch
https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db Patch
https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78 Patch
https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c Patch Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:10026
https://access.redhat.com/errata/RHSA-2026:10066
https://access.redhat.com/errata/RHSA-2026:10125
https://access.redhat.com/errata/RHSA-2026:10155
https://access.redhat.com/errata/RHSA-2026:10158
https://access.redhat.com/errata/RHSA-2026:21931
https://access.redhat.com/errata/RHSA-2026:21932
https://access.redhat.com/errata/RHSA-2026:24484
https://access.redhat.com/errata/RHSA-2026:6166
https://access.redhat.com/errata/RHSA-2026:6170
https://access.redhat.com/security/cve/CVE-2026-33211
https://bugzilla.redhat.com/show_bug.cgi?id=2450554
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33211.json
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-33211 is associated with the following CWEs:

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-33211 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2026-33211 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by 0b0ca135-0b70-47e7-9f44-1890c2a1c46c

    Jun. 30, 2026

    Action Type Old Value New Value
    Added Affected [{'cpes': ['cpe:/a:redhat:openshift_builds:1.6::el9'], 'vendor': 'Red Hat', 'product': 'Red Hat OpenShift Builds 1.6.5', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:openshift_builds:1.7::el9'], 'vendor': 'Red Hat', 'product': 'Red Hat OpenShift Builds 1.7.3', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:openshift_pipelines:1.21::el9'], 'vendor': 'Red Hat', 'product': 'Red Hat OpenShift Pipelines 1.21', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:openshift_pipelines:1.20::el9'], 'vendor': 'Red Hat', 'product': 'Red Hat OpenShift Pipelines 1.2', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:trusted_artifact_signer:1.3::el9'], 'vendor': 'Red Hat', 'product': 'Red Hat Trusted Artifact Signer 1.3', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:openshift_pipelines:1'], 'vendor': 'Red Hat', 'product': 'OpenShift Pipelines', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:serverless:1'], 'vendor': 'Red Hat', 'product': 'OpenShift Serverless', 'defaultStatus': 'affected'}, {'cpes': ['cpe:/a:redhat:openshift_builds:1'], 'vendor': 'Red Hat', 'product': 'Builds for Red Hat OpenShift', 'defaultStatus': 'unaffected'}, {'cpes': ['cpe:/a:redhat:openshift_ai'], 'vendor': 'Red Hat', 'product': 'Red Hat OpenShift AI (RHOAI)', 'defaultStatus': 'unaffected'}, {'cpes': ['cpe:/a:redhat:container_native_virtualization:4'], 'vendor': 'Red Hat', 'product': 'Red Hat OpenShift Virtualization 4', 'defaultStatus': 'unaffected'}]
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
    Added CWE CWE-22
    Added Reference https://access.redhat.com/errata/RHSA-2026:10026
    Added Reference https://access.redhat.com/errata/RHSA-2026:10066
    Added Reference https://access.redhat.com/errata/RHSA-2026:10125
    Added Reference https://access.redhat.com/errata/RHSA-2026:10155
    Added Reference https://access.redhat.com/errata/RHSA-2026:10158
    Added Reference https://access.redhat.com/errata/RHSA-2026:21931
    Added Reference https://access.redhat.com/errata/RHSA-2026:21932
    Added Reference https://access.redhat.com/errata/RHSA-2026:24484
    Added Reference https://access.redhat.com/errata/RHSA-2026:6166
    Added Reference https://access.redhat.com/errata/RHSA-2026:6170
    Added Reference https://access.redhat.com/security/cve/CVE-2026-33211
    Added Reference https://bugzilla.redhat.com/show_bug.cgi?id=2450554
    Added Reference https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33211.json
  • CVE Modified by [email protected]

    Jun. 17, 2026

    Action Type Old Value New Value
    Added Affected [{'vendor': 'tektoncd', 'product': 'pipeline', 'versions': [{'status': 'affected', 'version': '>= 1.0.0, < 1.0.1'}, {'status': 'affected', 'version': '>= 1.1.0, < 1.3.3'}, {'status': 'affected', 'version': '>= 1.4.0, < 1.6.1'}, {'status': 'affected', 'version': '>= 1.7.0, < 1.9.2'}, {'status': 'affected', 'version': '>= 1.10.0, < 1.10.2'}]}]
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 17, 2026

    Action Type Old Value New Value
    Added SSVC {'id': 'CVE-2026-33211', 'role': 'CISA Coordinator', 'options': [{'exploitation': 'none'}, {'automatable': 'no'}, {'technicalImpact': 'partial'}], 'version': '2.0.3', 'timestamp': '2026-03-24T15:40:21.314239Z'}
  • Initial Analysis by [email protected]

    Mar. 26, 2026

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
    Added CPE Configuration OR *cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:* versions from (including) 1.1.0 up to (excluding) 1.3.3 *cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:* versions from (including) 1.10.0 up to (excluding) 1.10.2 *cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:* versions from (including) 1.4.0 up to (excluding) 1.6.1 *cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:* versions from (including) 1.7.0 up to (excluding) 1.9.2 *cpe:2.3:a:linuxfoundation:tekton_pipelines:1.0.0:*:*:*:*:go:*:*
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/318006c4e3a5 Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78 Types: Patch
    Added Reference Type GitHub, Inc.: https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c Types: Patch, Vendor Advisory
  • New CVE Received by [email protected]

    Mar. 24, 2026

    Action Type Old Value New Value
    Added Description Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
    Added CWE CWE-22
    Added Reference https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c
    Added Reference https://github.com/tektoncd/pipeline/commit/318006c4e3a5
    Added Reference https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd
    Added Reference https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae
    Added Reference https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e
    Added Reference https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db
    Added Reference https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78
    Added Reference https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.