apk package
chainguard/tekton-pipelines-events-fips-1.9
pkg:apk/chainguard/tekton-pipelines-events-fips-1.9
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25679 | Hig | 7.5 | < 1.9.1-r4 | 1.9.1-r4 | Mar 6, 2026 | url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. | |
| CVE-2023-37264 | — | < 0 | 0 | Jul 7, 2023 | Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will ac |
- affected < 1.9.1-r4fixed 1.9.1-r4
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
- CVE-2023-37264Jul 7, 2023affected < 0fixed 0
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will ac
Page 2 of 2