CVE-2026-40923
published 2026-04-21
medium 5.4 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. This vulnerability is fixed in 1.11.1.
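The check pattern the advisory describes, shown as an added Go example rather than Tekton's own source: a raw strings.HasPrefix test beside a version that normalises with filepath.Clean before comparing. The function names, the sample mount paths and the treatment of /tekton/home as the one permitted exception under /tekton/ are assumptions for this illustration (the exception is inferred from the advisory's example path passing validation, not quoted from the project).

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// reservedRoot is the Tekton-internal mount tree the advisory says user
// volumeMounts must not land in.
const reservedRoot = "/tekton/"

// allowedUnderReserved is inferred from the advisory's own example (a path
// starting with /tekton/home passes validation). Treating /tekton/home as the
// one permitted exception is an assumption of this example, not a quotation
// of the project's allow-list.
var allowedUnderReserved = []string{"/tekton/home"}

// vulnerableMountPathOK reproduces the pre-1.11.1 pattern the advisory
// describes: raw string-prefix tests with no normalisation. A mountPath can
// therefore start with an allowed prefix and still resolve, once ".." is
// collapsed at mount time, to a reserved location.
func vulnerableMountPathOK(mountPath string) bool {
	if !strings.HasPrefix(mountPath, reservedRoot) {
		return true
	}
	for _, allowed := range allowedUnderReserved {
		if strings.HasPrefix(mountPath, allowed) {
			return true
		}
	}
	return false
}

// fixedMountPathOK validates the path that will actually be mounted:
//   - relative paths are rejected outright (Clean cannot anchor them);
//   - filepath.Clean collapses ".", ".." and repeated separators first;
//   - the reserved root itself ("/tekton") is rejected, not only its children;
//   - exceptions match on whole components, so "/tekton/homeX" is not "/tekton/home".
func fixedMountPathOK(mountPath string) bool {
	if !filepath.IsAbs(mountPath) {
		return false
	}
	clean := filepath.Clean(mountPath)
	root := strings.TrimSuffix(reservedRoot, "/") // "/tekton"
	if clean != root && !strings.HasPrefix(clean, reservedRoot) {
		return true
	}
	for _, allowed := range allowedUnderReserved {
		if clean == allowed || strings.HasPrefix(clean, allowed+"/") {
			return true
		}
	}
	return false
}

// bypasses returns the inputs the vulnerable check accepts but the fixed one
// rejects, i.e. the paths that would have slipped past admission.
func bypasses(paths []string) []string {
	var out []string
	for _, p := range paths {
		if vulnerableMountPathOK(p) && !fixedMountPathOK(p) {
			out = append(out, p)
		}
	}
	return out
}

func main() {
	// Constructed sample mountPath values, not taken from any real Task.
	samples := []string{
		"/workspace/source",       // ordinary user mount
		"/tekton/home/.cache",     // legitimately under the permitted exception
		"/tekton/results",         // blocked by both checks
		"/tekton/home/../results", // the advisory's example
		"/tekton/home/..",         // shadows the whole reserved tree
		"/tekton/homeX",           // prefix collision, not a real exception
		"//tekton//results",       // doubled separators defeat the raw prefix test
		"tekton/results",          // relative path, no defined meaning for a mount
	}
	fmt.Printf("%-28s %-10s %-5s\n", "mountPath", "vulnerable", "fixed")
	for _, p := range samples {
		fmt.Printf("%-28s %-10t %-5t\n", p, vulnerableMountPathOK(p), fixedMountPathOK(p))
	}
	fmt.Println("bypasses:", bypasses(samples))
}
```

The doubled-separator and prefix-collision rows are there because they fail the same way the advisory's ".." case does: the raw string never equals the path the kubelet mounts, so any prefix test on the raw string answers a different question from the one the validator needs answered. Normalising first and then comparing on whole path components closes all of them at once.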
Affected
81 ranges (showing 25)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| container-native-virtualization | kubevirt-ssp-operator-rhel9 | — | — |
| container-native-virtualization | kubevirt-tekton-tasks-create-datavolume-rhel9 | — | — |
| container-native-virtualization | kubevirt-tekton-tasks-disk-virt-customize-rhel9 | — | — |
| container-native-virtualization | kubevirt-template-validator-rhel9 | — | — |
| github.com | tektoncd_pipeline | >= 0 < 1.11.1 | 1.11.1 |
| linuxfoundation | tekton_pipelines | < 1.11.1 | 1.11.1 |
| openshift-builds | openshift-builds-controller-rhel9 | — | — |
| openshift-builds | openshift-builds-git-cloner-rhel9 | — | — |
| openshift-builds | openshift-builds-image-bundler-rhel9 | — | — |
| openshift-builds | openshift-builds-image-processing-rhel9 | — | — |
| openshift-builds | openshift-builds-rhel9-operator | — | — |
| openshift-builds | openshift-builds-waiters-rhel9 | — | — |
| openshift-builds | openshift-builds-webhook-rhel9 | — | — |
| openshift-lightspeed | openshift-mcp-server-rhel9 | — | — |
| openshift-pipelines | pipelines-chains-controller-rhel8 | — | — |
| openshift-pipelines | pipelines-chains-controller-rhel9 | — | — |
| openshift-pipelines | pipelines-cli-tkn-rhel8 | — | — |
| openshift-pipelines | pipelines-cli-tkn-rhel9 | — | — |
| openshift-pipelines | pipelines-controller-rhel8 | — | — |
| openshift-pipelines | pipelines-controller-rhel9 | — | — |
| openshift-pipelines | pipelines-entrypoint-rhel8 | — | — |
| openshift-pipelines | pipelines-entrypoint-rhel9 | — | — |
| openshift-pipelines | pipelines-events-rhel8 | — | — |
| openshift-pipelines | pipelines-events-rhel9 | — | — |
| openshift-pipelines | pipelines-git-init-rhel8 | — | — |