Threats Tagged 'cve-2026-33022'
View all threats tagged with 'cve-2026-33022'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-33022'
Click on any threat for detailed analysis and mitigation recommendations
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.20.4CVE-2026-33022 0 The 1.20.4 release of Red Hat OpenShift Pipelines Operator. Join the discussion | GCVE Database | 04/23/2026, 05:00:09 UTC Added: 05/29/2026, 21:01:37 UTC |
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.20.4CVE-2026-33022 0 The 1.20.4 release of Red Hat OpenShift Pipelines Operator. Join the discussion | GCVE Database | 04/23/2026, 06:29:20 UTC Added: 05/29/2026, 21:01:37 UTC |
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.1CVE-2025-66506 0 Red Hat OpenShift Pipelines Operator version 1.21.1 addresses multiple security vulnerabilities identified by CVE-2025-66506 and related CVEs. The vulnerabilities involve issues categorized under CWE-405, CWE-1287, CWE-130, and CWE-22. The advisory does not specify detailed technical exploit methods or impacts but classifies the severity as high. No official fix or patch is explicitly stated in the advisory content. The product is a cloud-native CI/CD solution based on Kubernetes and Tekton CRDs. Join the discussion | GCVE Database | 03/30/2026, 12:14:24 UTC Added: 05/26/2026, 20:58:30 UTC |
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.1CVE-2025-66506 0 Red Hat OpenShift Pipelines Operator version 1.21.1 addresses multiple security vulnerabilities identified by CVE-2025-66506, CVE-2026-33022, and CVE-2026-33211. The release fixes an operator panic issue related to invalid variable substitution in pipeline matrix validation. The vulnerabilities are categorized under CWE-405 (Improper Resource Shutdown or Release), CWE-130 (Improper Handling of Length Parameter Inconsistency), and CWE-22 (Path Traversal). No known exploits are reported in the wild. The advisory indicates the availability of the 1.21.1 release as the remediation solution. Join the discussion | GCVE Database | 03/30/2026, 10:40:40 UTC Added: 05/26/2026, 20:58:22 UTC |
CVE-2026-33022: CWE-129: Improper Validation of Array Index in tektoncd pipelineCVE-2026-33022 0 CVE-2026-33022 is a medium severity denial-of-service vulnerability in Tekton Pipelines affecting multiple versions prior to patched releases. It arises from improper validation of array indices when generating deterministic names for TaskRun or PipelineRun resources with custom resolver names longer than 30 characters. This causes the controller to panic due to invalid string slicing, leading to a cluster-wide controller crash and a CrashLoopBackOff state. The impact blocks all CI/CD pipeline reconciliation until the offending resource is manually removed. Built-in resolvers are unaffected, but any custom resolver name exceeding 30 characters triggers the issue. The vulnerability requires authenticated users with permission to create TaskRun or PipelineRun resources but no user interaction beyond resource creation. Fixed versions have been released that properly truncate the resolver name prefix to prevent the panic. Organizations using Tekton Pipelines with custom resolvers should upgrade immediately to avoid disruption. Join the discussion | CVE Database V5 | 03/20/2026, 07:48:15 UTC Added: 03/20/2026, 07:54:23 UTC |
Showing 1 to 5 of 5 results