CVE-2026-33211
Status: Received - Intake
Path Traversal in Tekton Pipelines Git Resolver Exposes Secrets

Publication date: 2026-03-24

Last updated on: 2026-03-26

Assigner: GitHub, Inc.

Description
The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (which includes anyone who can create `TaskRuns` or `PipelineRuns` that reference the git resolver, since those create the `ResolutionRequest` on the tenant's behalf) can read arbitrary files from the resolver pod's filesystem, including its ServiceAccount token. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.
Meta Information
Published: 2026-03-24
Last Modified: 2026-03-26
Generated: 2026-05-07
AI Q&A: 2026-03-24
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 5 associated CPEs
Vendor           Product            Version / Range
linuxfoundation  tekton_pipelines   1.0.0
linuxfoundation  tekton_pipelines   from 1.1.0 (inclusive) to 1.3.3 (exclusive)
linuxfoundation  tekton_pipelines   from 1.4.0 (inclusive) to 1.6.1 (exclusive)
linuxfoundation  tekton_pipelines   from 1.7.0 (inclusive) to 1.9.2 (exclusive)
linuxfoundation  tekton_pipelines   from 1.10.0 (inclusive) to 1.10.2 (exclusive)
Exploitability
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

Upgrade Tekton Pipelines to a version that contains the fix for CVE-2026-33211: 1.0.1, 1.3.3, 1.6.1, 1.9.2 or 1.10.2, or a later release on the same line.

The fix validates the `pathInRepo` parameter, rejecting any path that contains a `..` component, and reads the requested file from git's object store rather than directly from the pod's filesystem, which closes both the traversal and the symlink escape.

If an immediate upgrade is not possible, restrict which users and service accounts may create ResolutionRequests, including indirectly by creating TaskRuns or PipelineRuns that reference the git resolver, since that permission is all that is needed to exploit the flaw.

Tighten the RBAC granted to the resolver pod's ServiceAccount so that a stolen token yields as little as possible, in particular no broad access to Secrets or other sensitive resources.

As an interim detection and response measure, monitor and audit git resolver usage and ResolutionRequests for `pathInRepo` values containing traversal sequences. [2, 3]


Can you explain this vulnerability to me?

CVE-2026-33211 is a path traversal vulnerability (CWE-22) in the Tekton Pipelines git resolver. The `pathInRepo` parameter was not validated, so an attacker who can create ResolutionRequests (directly, or by submitting a TaskRun or PipelineRun that uses the git resolver) can supply a path containing traversal sequences such as `../../../../etc/passwd` and read arbitrary files from the resolver pod's filesystem.

The vulnerability was introduced when the git resolver switched from the go-git library's in-memory filesystem to shelling out to the native git binary and reading the requested file directly from the pod's filesystem with `os.ReadFile()`. That change removed the containment the in-memory filesystem had provided, so a crafted path escapes the intended repository directory.

Exploiting the flaw, an attacker can read the pod's Kubernetes ServiceAccount token, which comes back base64-encoded in the `resolutionrequest.status.data` field, turning the resolver into a data exfiltration channel.

The fix validates `pathInRepo` to reject any path containing a `..` component, strips leading slashes for compatibility, and reads the file from git's object store with `git show HEAD:<path>` instead of from the filesystem. It also checks that the resolved location cannot escape the repository directory through a symlink. [2, 3, 4]
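The following Go program is an added illustration of the before-and-after described above; it is not Tekton's code and does not shell out to git. `VulnerableResolve` reproduces the pre-fix pattern (join the caller-controlled `pathInRepo` onto the checkout directory and read it), `ValidatePathInRepo` applies the parameter checks the fix is described as adding (strip leading slashes, reject any `..` component, produce the repo-relative form that `git show HEAD:<path>` expects), and `ReadInsideCheckout` shows the symlink containment check in filesystem terms. `DemoSymlinkEscape` builds a throwaway checkout in a temp directory (a constructed fixture) with a symlink that points outside the repo, to show the check refusing it while an ordinary in-repo file still reads.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrPathTraversal is returned when pathInRepo would leave the checkout.
var ErrPathTraversal = errors.New("pathInRepo escapes the repository")

// VulnerableResolve mirrors the pre-fix pattern: the caller-controlled
// pathInRepo is joined onto the checkout directory and the result handed to
// os.ReadFile. filepath.Join cleans the path, so ".." components walk up and
// out of the repository instead of being rejected.
func VulnerableResolve(repoDir, pathInRepo string) string {
	return filepath.Join(repoDir, pathInRepo)
}

// ValidatePathInRepo applies the parameter checks the advisory lists for the
// fix: strip leading slashes, reject any ".." component, and return a clean
// repo-relative path of the form git expects in "git show HEAD:<path>".
func ValidatePathInRepo(pathInRepo string) (string, error) {
	p := strings.TrimLeft(strings.TrimSpace(pathInRepo), "/")
	for _, c := range strings.Split(filepath.ToSlash(p), "/") {
		if c == ".." {
			return "", ErrPathTraversal
		}
	}
	clean := filepath.ToSlash(filepath.Clean(p))
	if clean == "." {
		return "", errors.New("pathInRepo must name a file in the repository")
	}
	return clean, nil
}

// ReadInsideCheckout is the filesystem-side containment check: the checkout
// root and the requested file are both resolved through symlinks, and the read
// only happens if the real target still lies under the real root. This is what
// stops a repository that commits a symlink pointing at /var/run/secrets/...
// (reading from git's object store, as the fix does, avoids the filesystem
// altogether; this is the belt-and-braces version of the same rule).
func ReadInsideCheckout(repoDir, pathInRepo string) ([]byte, error) {
	rel, err := ValidatePathInRepo(pathInRepo)
	if err != nil {
		return nil, err
	}
	root, err := filepath.EvalSymlinks(repoDir)
	if err != nil {
		return nil, err
	}
	target, err := filepath.EvalSymlinks(filepath.Join(root, filepath.FromSlash(rel)))
	if err != nil {
		return nil, err
	}
	inside, err := filepath.Rel(root, target)
	if err != nil || inside == ".." || strings.HasPrefix(inside, ".."+string(filepath.Separator)) {
		return nil, ErrPathTraversal
	}
	return os.ReadFile(target)
}

// DemoSymlinkEscape builds a constructed fixture: <tmp>/repo/task.yaml plus
// <tmp>/repo/link -> <tmp>/token (outside the repo). It reports whether
// ReadInsideCheckout served task.yaml but refused the symlink.
func DemoSymlinkEscape() (bool, error) {
	base, err := os.MkdirTemp("", "resolver-demo-")
	if err != nil {
		return false, err
	}
	defer os.RemoveAll(base)
	repo := filepath.Join(base, "repo")
	outside := filepath.Join(base, "token")
	if err := os.Mkdir(repo, 0o755); err != nil {
		return false, err
	}
	if err := os.WriteFile(outside, []byte("not-a-real-token"), 0o600); err != nil {
		return false, err
	}
	if err := os.WriteFile(filepath.Join(repo, "task.yaml"), []byte("kind: Task\n"), 0o644); err != nil {
		return false, err
	}
	if err := os.Symlink(outside, filepath.Join(repo, "link")); err != nil {
		return false, err
	}
	if _, err := ReadInsideCheckout(repo, "task.yaml"); err != nil {
		return false, err // the in-repo file must still be readable
	}
	_, err = ReadInsideCheckout(repo, "link")
	return errors.Is(err, ErrPathTraversal), nil
}

func main() {
	token := "../../var/run/secrets/kubernetes.io/serviceaccount/token"
	fmt.Println("vulnerable join resolves to:", VulnerableResolve("/workspace/repo", token))
	for _, p := range []string{"/tasks/build.yaml", token, "tasks/../../etc/passwd"} {
		clean, err := ValidatePathInRepo(p)
		fmt.Printf("%-50q -> %q err=%v\n", p, clean, err)
	}
	blocked, err := DemoSymlinkEscape()
	fmt.Println("symlink escape blocked:", blocked, "err:", err)
}
```

Note that `tasks/../../etc/passwd` is rejected outright even though a cleaned version of it would stay partly inside the repo; the advisory's rule is "any `..` component", which is simpler to reason about than trying to decide which traversals are harmless.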


How can this vulnerability impact me?

An attacker with only the permission to create ResolutionRequests can read arbitrary files from the resolver pod's filesystem, including Kubernetes secrets such as the pod's ServiceAccount token.

Because the resolver's ServiceAccount is typically granted broad RBAC permissions, often including cluster-wide access to Secrets, a stolen token can be replayed from outside the pod to escalate privileges across the Kubernetes cluster.

The result is credential theft, unauthorized access to cluster resources, and potentially compromise of the entire cluster. [2, 3, 4]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for ResolutionRequests (or the TaskRuns/PipelineRuns that create them) that use the git resolver with a crafted `pathInRepo` parameter: traversal sequences such as `..`, or paths aimed at sensitive files such as `/etc/passwd` or the ServiceAccount token under `/var/run/secrets/kubernetes.io/serviceaccount/`.

Since exploitation reads arbitrary files from the resolver pod's filesystem and returns their base64-encoded contents in `resolutionrequest.status.data`, inspecting that status field for content that is not a Task or Pipeline definition (a JWT, a passwd file, key material) also reveals successful exploitation, not just attempts.

Specific commands:

- List ResolutionRequests across all namespaces with their `pathInRepo` parameter and returned data:
  `kubectl get resolutionrequests -A -o json | jq '.items[] | {namespace: .metadata.namespace, name: .metadata.name, pathInRepo: (.spec.params[]? | select(.name == "pathInRepo") | .value), data: .status.data}'`
- Look for `pathInRepo` values containing `..` components or starting with `/`.
- Decode `.status.data` for any suspicious request and check what came back, e.g.:
  `kubectl get resolutionrequest <name> -n <namespace> -o jsonpath='{.status.data}' | base64 --decode | head`

Additionally, resolver pod logs showing git resolver invocations for unexpected paths, or file-read errors for locations outside the repository checkout, may indicate attempts to exploit this vulnerability. [2, 3, 4]
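To run the same check over saved cluster output rather than by eye, the following Go program is an added example (not part of Tekton or of this advisory). It parses a ResolutionRequest list as produced by `kubectl get resolutionrequests -A -o json`, keeps the requests routed to the git resolver (those labelled `resolution.tekton.dev/type: git`), flags a `pathInRepo` that has a `..` component or a leading `/`, and decodes `status.data` to see whether what came back looks like a ServiceAccount JWT, an `/etc/passwd` file or PEM key material rather than a Task definition. The two-item list in `SampleList` is constructed for the example; the names, namespaces, URL and token are fake, and only string-valued params are handled.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// Minimal view of a v1beta1 ResolutionRequest list; only the fields the
// check needs, and params are assumed to be string-valued.
type rrParam struct {
	Name  string `json:"name"`
	Value string `json:"value"`
}

type resolutionRequest struct {
	Metadata struct {
		Name      string            `json:"name"`
		Namespace string            `json:"namespace"`
		Labels    map[string]string `json:"labels"`
	} `json:"metadata"`
	Spec struct {
		Params []rrParam `json:"params"`
	} `json:"spec"`
	Status struct {
		Data string `json:"data"`
	} `json:"status"`
}

type rrList struct {
	Items []resolutionRequest `json:"items"`
}

// Finding is one ResolutionRequest that tripped at least one rule.
type Finding struct {
	Namespace, Name, PathInRepo string
	Reasons                     []string
}

func pathInRepo(rr resolutionRequest) string {
	for _, p := range rr.Spec.Params {
		if p.Name == "pathInRepo" {
			return p.Value
		}
	}
	return ""
}

// pathReasons flags the two indicators the detection guidance calls out:
// a ".." component anywhere in the path, and an absolute path.
func pathReasons(p string) []string {
	var r []string
	for _, c := range strings.Split(strings.ReplaceAll(p, `\`, "/"), "/") {
		if c == ".." {
			r = append(r, "dot-dot component in pathInRepo")
			break
		}
	}
	if strings.HasPrefix(p, "/") {
		r = append(r, "absolute pathInRepo")
	}
	return r
}

// dataReasons decodes status.data and looks for content that is never a Task
// or Pipeline definition: a JWT (ServiceAccount tokens are JWTs), an
// /etc/passwd file, or PEM key material.
func dataReasons(b64 string) []string {
	if b64 == "" {
		return nil
	}
	raw, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return []string{"status.data is not valid base64"}
	}
	s := strings.TrimSpace(string(raw))
	var r []string
	if strings.HasPrefix(s, "eyJ") && strings.Count(s, ".") == 2 && !strings.ContainsAny(s, " \n") {
		r = append(r, "status.data decodes to a JWT")
	}
	if strings.Contains(s, "root:x:0:0") {
		r = append(r, "status.data looks like /etc/passwd")
	}
	if strings.Contains(s, "-----BEGIN ") {
		r = append(r, "status.data contains PEM material")
	}
	return r
}

// Analyze parses a ResolutionRequest list and returns a Finding for every git
// resolver request with a suspicious pathInRepo or leaked-looking data.
func Analyze(listJSON []byte) ([]Finding, error) {
	var list rrList
	if err := json.Unmarshal(listJSON, &list); err != nil {
		return nil, err
	}
	var out []Finding
	for _, rr := range list.Items {
		if rr.Metadata.Labels["resolution.tekton.dev/type"] != "git" {
			continue
		}
		p := pathInRepo(rr)
		reasons := append(pathReasons(p), dataReasons(rr.Status.Data)...)
		if len(reasons) > 0 {
			out = append(out, Finding{Namespace: rr.Metadata.Namespace, Name: rr.Metadata.Name, PathInRepo: p, Reasons: reasons})
		}
	}
	return out, nil
}

// SampleList is a constructed two-item list, not real cluster output: one
// benign request and one that exploits the traversal. The token is fake.
func SampleList() []byte {
	enc := base64.StdEncoding.EncodeToString
	benign := enc([]byte("apiVersion: tekton.dev/v1\nkind: Task\nmetadata:\n  name: build\n"))
	token := enc([]byte("eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50In0.ZmFrZXNpZw"))
	return []byte(fmt.Sprintf(`{"items":[
{"metadata":{"name":"rr-ok","namespace":"team-a","labels":{"resolution.tekton.dev/type":"git"}},
 "spec":{"params":[{"name":"url","value":"https://example.com/repo.git"},{"name":"pathInRepo","value":"tasks/build.yaml"}]},
 "status":{"data":%q}},
{"metadata":{"name":"rr-evil","namespace":"team-b","labels":{"resolution.tekton.dev/type":"git"}},
 "spec":{"params":[{"name":"url","value":"https://example.com/repo.git"},{"name":"pathInRepo","value":"../../../../var/run/secrets/kubernetes.io/serviceaccount/token"}]},
 "status":{"data":%q}}]}`, benign, token))
}

func main() {
	findings, err := Analyze(SampleList())
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%s/%s pathInRepo=%q: %s\n", f.Namespace, f.Name, f.PathInRepo, strings.Join(f.Reasons, "; "))
	}
}
```

A finding with a path reason but empty `status.data` is an attempt that did not complete; one whose data decodes to a JWT means the resolver's ServiceAccount token has been handed to the requester and should be treated as compromised.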

