CVE-2026-40938
Command Injection in Tekton Pipelines Git Resolver Enables Cluster Secret Theft
Publication date: 2026-04-21
Last updated on: 2026-04-28
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linuxfoundation | tekton_pipelines | From 1.0.0 (inc) to 1.11.0 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-88 | The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Tekton Pipelines project versions from 1.0.0 to before 1.11.0. It involves the git resolver's revision parameter being passed directly to the git fetch command without validation to ensure it does not start with a '-' character. Because git interprets flags from positional arguments, an attacker can inject arbitrary git fetch flags, such as --upload-pack with a malicious binary.
Additionally, the validateRepoURL function allows URLs beginning with '/' (local filesystem paths), which, combined with the above flaw, allows a tenant who can submit ResolutionRequest objects to execute arbitrary binaries on the resolver pod.
Since the tekton-pipelines-resolvers ServiceAccount has cluster-wide permissions to get, list, and watch all Secrets, this code execution can lead to full cluster-wide secret exfiltration.
This vulnerability was fixed in version 1.11.1 of Tekton Pipelines.
How can this vulnerability impact me?
This vulnerability can have severe impacts including unauthorized code execution on the resolver pod within the Kubernetes cluster.
Because the resolver pod's ServiceAccount has cluster-wide permissions to access all Secrets, an attacker exploiting this vulnerability can exfiltrate sensitive information stored as Secrets across the entire cluster.
This can lead to a complete compromise of the cluster's confidentiality, integrity, and availability.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in Tekton Pipelines version 1.11.1. Immediate mitigation involves upgrading your Tekton Pipelines installation to version 1.11.1 or later.
Since the vulnerability allows arbitrary code execution on the resolver pod, which has cluster-wide access to Secrets, it is critical to apply the patch promptly to prevent potential secret exfiltration.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting Tekton Pipelines git resolver configurations and logs for usage of unsanitized revision parameters that start with a hyphen (-) and repository URLs that point to local filesystem paths.
Specifically, you should check if any ResolutionRequest objects submitted to the git resolver contain revision parameters beginning with a hyphen, which could indicate an attempt to inject git fetch flags.
You can also audit the repository URLs used by the resolver to identify if any local paths (starting with "/") are being used, which is a prerequisite for exploitation.
Suggested commands to detect potential exploitation or vulnerability include (ResolutionRequest parameters live under `spec.params` as a list of name/value objects, so the filters below look the parameter up by name):
- Use kubectl to list ResolutionRequest objects in all namespaces and filter for revision parameters starting with '-': `kubectl get resolutionrequests -A -o json | jq '.items[] | select(.spec.params[]? | select(.name == "revision") | .value | tostring | startswith("-"))'`
- Check Tekton resolver pod logs for git fetch invocations that carry hyphen-prefixed arguments (narrow the second pattern to flags your resolver is not expected to pass): `kubectl logs <resolver-pod-name> | grep 'git fetch' | grep -- ' -'`
- Audit repository URLs used by the resolver to find local filesystem paths: `kubectl get resolutionrequests -A -o json | jq '.items[] | select(.spec.params[]? | select(.name == "url") | .value | tostring | startswith("/"))'`
- Search for unexpected execution of binaries such as `/usr/bin/curl` or `/bin/sh` in resolver pod logs, which could indicate exploitation attempts.
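The following script is an added example, not code from the Tekton project or from this advisory. It turns the two conditions described above (a revision beginning with '-' that git fetch would parse as a flag, and a repository URL beginning with '/' that names a path on the resolver pod) into an offline triage of the JSON that `kubectl get resolutionrequests -A -o json` prints, so the same checks the fixed resolver is described as performing can be run against objects already present in a cluster. It assumes the parameters are named "url" and "revision" and that `spec.params` is either a list of `{"name", "value"}` objects (v1beta1 style) or a `{name: value}` map (v1alpha1 style); the embedded `SAMPLE` document is constructed for the demo.

```python
"""Offline triage of ResolutionRequest objects for CVE-2026-40938 indicators.

Added example, not Tekton's own code. Assumptions: params are named "url" and
"revision"; spec.params is either a list of {"name", "value"} objects or a
{name: value} map. SAMPLE below is constructed input, not captured cluster data.
"""
import json
import sys
from typing import Dict, List, Optional


def check_revision(revision: str) -> Optional[str]:
    """Return a reason if the revision would be parsed by git fetch as an option."""
    if revision.startswith("-"):
        return "revision starts with '-' and can be parsed as a git fetch flag"
    return None


def check_repo_url(url: str) -> Optional[str]:
    """Return a reason if the URL names a path on the resolver pod's filesystem."""
    if url.startswith("/"):
        return "url starts with '/' and names a local filesystem path"
    return None


def flatten_params(spec: dict) -> Dict[str, str]:
    """Normalise both assumed shapes of spec.params into a flat {name: value} dict."""
    raw = spec.get("params")
    flat: Dict[str, str] = {}
    if isinstance(raw, list):  # list form: [{"name": ..., "value": ...}]
        for p in raw:
            if isinstance(p, dict) and "name" in p:
                value = p.get("value", "")
                # array/object-typed param values are kept as their JSON text
                flat[p["name"]] = value if isinstance(value, str) else json.dumps(value)
    elif isinstance(raw, dict):  # map form: {"name": "value"}
        flat = {k: str(v) for k, v in raw.items()}
    return flat


def scan(doc: dict) -> List[dict]:
    """Return one finding per suspicious parameter, tagged with the object's identity."""
    findings: List[dict] = []
    for item in doc.get("items", []):
        meta = item.get("metadata", {})
        params = flatten_params(item.get("spec", {}))
        for name, check in (("revision", check_revision), ("url", check_repo_url)):
            if name not in params:
                continue
            reason = check(params[name])
            if reason:
                findings.append({
                    "namespace": meta.get("namespace", ""),
                    "name": meta.get("name", ""),
                    "param": name,
                    "value": params[name],
                    "reason": reason,
                })
    return findings


# Constructed sample in the shape of `kubectl get resolutionrequests -A -o json`.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "team-a", "name": "rr-ok"},
   "spec": {"params": [{"name": "url", "value": "https://example.invalid/repo.git"},
                       {"name": "revision", "value": "main"}]}},
  {"metadata": {"namespace": "team-b", "name": "rr-flag"},
   "spec": {"params": [{"name": "url", "value": "https://example.invalid/repo.git"},
                       {"name": "revision", "value": "--injected-option"}]}},
  {"metadata": {"namespace": "team-c", "name": "rr-local"},
   "spec": {"params": {"url": "/var/tmp/repo", "revision": "main"}}}
]}
""")


def main() -> None:
    # Read real kubectl output when piped on stdin; otherwise demo on the sample.
    doc = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    findings = scan(doc)
    for f in findings:
        print(f"{f['namespace']}/{f['name']}: {f['param']}={f['value']!r}: {f['reason']}")
    # Non-zero exit lets the script gate a scheduled audit job.
    sys.exit(1 if findings else 0)


if __name__ == "__main__":
    main()
```

Run it as `kubectl get resolutionrequests -A -o json | python3 triage.py`; a non-empty report means an object with a hyphen-prefixed revision or a local-path URL exists and should be reviewed together with the resolver pod logs, regardless of whether the cluster has already been upgraded to 1.11.1.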
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows an attacker to execute arbitrary code on the resolver pod and exfiltrate all cluster-wide secrets due to the high privileges of the tekton-pipelines-resolvers ServiceAccount.
Such unauthorized access and exfiltration of sensitive information could lead to violations of data protection regulations and standards like GDPR and HIPAA, which require strict controls over access to sensitive data and secrets.
Therefore, exploitation of this vulnerability could compromise compliance with these regulations by exposing confidential data and failing to maintain required security controls.