{"url":"http://public2.vulnerablecode.io/api/packages/188488?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.0.2","type":"golang","namespace":"github.com/tektoncd","name":"pipeline","version":"1.0.2","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.3.3","latest_non_vulnerable_version":"1.11.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/332343?format=json","vulnerability_id":"VCID-86hk-7pu9-mbe5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40938.json","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40938","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10842","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40938"},{"reference_url":"https://github.com/tektoncd/pipeline","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline"},{"reference_url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T18:31:54Z/"}],"url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"},{"reference_url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T18:31:54Z/"}],"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40938","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40938"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460292","reference_id":"2460292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17546","reference_id":"RHSA-2026:17546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17546"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188488?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188489?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/188490?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.6.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188491?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.9.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/188492?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.11.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.11.1"}],"aliases":["CVE-2026-40938","GHSA-94jr-7pqp-xhcq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-86hk-7pu9-mbe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/332333?format=json","vulnerability_id":"VCID-8hyd-r4eu-gbbf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40924.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40924.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40924","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17156","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40924"},{"reference_url":"https://github.com/tektoncd/pipeline","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline"},{"reference_url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:21:18Z/"}],"url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"},{"reference_url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:21:18Z/"}],"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-m2cx-gpqf-qf74"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40924","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40924"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460365","reference_id":"2460365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460365"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188488?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188489?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/188490?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.6.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188491?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.9.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/188492?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.11.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.11.1"}],"aliases":["CVE-2026-40924","GHSA-m2cx-gpqf-qf74"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hyd-r4eu-gbbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/332332?format=json","vulnerability_id":"VCID-ayma-vaa6-ukam","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40923.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40923.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40923","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16456","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40923"},{"reference_url":"https://github.com/tektoncd/pipeline","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline"},{"reference_url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:50:48Z/"}],"url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1"},{"reference_url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-rx35-6rhx-7858","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:50:48Z/"}],"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-rx35-6rhx-7858"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40923","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40923"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460269","reference_id":"2460269","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460269"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188488?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188489?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/188490?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.6.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188491?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.9.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/188492?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.11.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.11.1"}],"aliases":["CVE-2026-40923","GHSA-rx35-6rhx-7858"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ayma-vaa6-ukam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331891?format=json","vulnerability_id":"VCID-cu2r-7jhe-kka2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40161.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40161","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11296","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40161"},{"reference_url":"https://github.com/tektoncd/pipeline","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline"},{"reference_url":"https://github.com/tektoncd/pipeline/issues/9608","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:41:32Z/"}],"url":"https://github.com/tektoncd/pipeline/issues/9608"},{"reference_url":"https://github.com/tektoncd/pipeline/issues/9609","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:41:32Z/"}],"url":"https://github.com/tektoncd/pipeline/issues/9609"},{"reference_url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-wjxp-xrpv-xpff","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:41:32Z/"}],"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-wjxp-xrpv-xpff"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40161","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40161"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460173","reference_id":"2460173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460173"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188488?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188489?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/188490?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.6.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188491?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.9.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/188492?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.11.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.11.1"}],"aliases":["CVE-2026-40161","GHSA-wjxp-xrpv-xpff"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cu2r-7jhe-kka2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/324029?format=json","vulnerability_id":"VCID-scaj-4geb-fqcv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25542.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25542.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25542","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12011","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25542"},{"reference_url":"https://github.com/tektoncd/pipeline","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline"},{"reference_url":"https://github.com/tektoncd/pipeline/commit/2c398711e6e9e232180508f0648425a8ea34dc9e","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline/commit/2c398711e6e9e232180508f0648425a8ea34dc9e"},{"reference_url":"https://github.com/tektoncd/pipeline/commit/b8905600322aa86327baae0a7c04d6cf1207362a","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:48:04Z/"}],"url":"https://github.com/tektoncd/pipeline/commit/b8905600322aa86327baae0a7c04d6cf1207362a"},{"reference_url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.0","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.0"},{"reference_url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-rmx9-2pp3-xhcr","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:48:04Z/"}],"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-rmx9-2pp3-xhcr"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25542","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25542"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460159","reference_id":"2460159","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188488?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188489?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/188490?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.6.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/188491?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.9.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/188492?format=json","purl":"pkg:golang/github.com/tektoncd/pipeline@1.11.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.11.1"}],"aliases":["CVE-2026-25542","GHSA-rmx9-2pp3-xhcr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scaj-4geb-fqcv"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/tektoncd/pipeline@1.0.2"}