VYPR

apk package

chainguard/tekton-pipelines-controller-1.7

pkg:apk/chainguard/tekton-pipelines-controller-1.7

Vulnerabilities (22)

  • CVE-2026-24137MedJan 23, 2026
    affected < 1.7.0-r2fixed 1.7.0-r2

    sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client (pkg/tuf/client.go) supports caching target files to disk. It constructs a filesystem path by joining a cache base directory with a target na

  • CVE-2023-37264Jul 7, 2023
    affected < 0fixed 0

    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will ac

Page 2 of 2