CLEANSTART-2026-UG89030

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-UG89030.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-UG89030
Upstream
  • CVE-2026-25679
  • CVE-2026-27139
  • CVE-2026-27142
  • ghsa-78h2-9frx-2jm8
  • ghsa-9h8m-3fm2-qjrq
  • ghsa-f6x5-jh6r-wrfv
  • ghsa-fcv2-xgw5-pqxf
  • ghsa-j5w8-q4qc-rx2x
  • ghsa-p436-gjf2-799p
  • ghsa-w8rr-5gcm-pp58
Published
2026-05-18T13:43:29.004136Z
Modified
2026-05-20T18:15:06.498175576Z
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-34986, CVE-2026-39882, ghsa-78h2-9frx-2jm8, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-fcv2-xgw5-pqxf, ghsa-j5w8-q4qc-rx2x, ghsa-p436-gjf2-799p, ghsa-w8rr-5gcm-pp58 applied in versions: 1.11.0-r0, 1.5.0-r0, 1.5.0-r1, 1.5.0-r2, 1.5.0-r3, 1.5.0-r4
Details

Multiple security vulnerabilities affect the tekton-pipelines package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / tekton-pipelines

Package

Name
tekton-pipelines

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.0-r4

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-UG89030.json"