Risk Scores
CVSS v3.1
9.600000381469727
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
EPSS Score
0.02%
6.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| tektoncd | pipeline | >= 1.0.0, < 1.0.1, >= 1.1.0, < 1.3.3, >= 1.4.0, < 1.6.1 |
| linuxfoundation | tekton_pipelines | 1.0.0, 1.1.0, 1.4.0 |
| github.com | tektoncd/pipeline | 1.0.0, 1.1.0, 1.4.0 |
Timeline
- Mar 18, 2026 CVE Published
- Mar 19, 2026 Security Advisory
- Mar 24, 2026 EPSS Score
- Mar 24, 2026 PoC Published
- Mar 24, 2026 PoC Published
- Mar 24, 2026 PoC Published
- Mar 24, 2026 PoC Published
- Mar 25, 2026 CVE Updated
- Mar 25, 2026 EPSS Score
- Mar 26, 2026 PoC Published
References
- https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c url
- https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c url
- https://github.com/tektoncd/pipeline/commit/318006c4e3a5 url
- https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd url
- https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae url
- https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e url
- https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db url
- https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-33211 advisory
- https://github.com/tektoncd/pipeline package