GHSA-RMX9-2PP3-XHCR Tekton Pipelines has VerificationPolicy regex pattern bypass via substring matching
Hey guys, triage contract: this is a first-screen summary; deterministic proof is in the proof bundle canonical.log/control.log/witness.txt. Summary: trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern using regexp.MatchString. In Go,...
EUVD-2026-24151
Tekton Pipelines has VerificationPolicy regex pattern bypass via substring matching...
CVE-2026-25542 Tekton Pipelines: VerificationPolicy regex pattern bypass via substring matching
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern...
Permissive Regular Expression
Overview: Affected versions of this package are vulnerable to Permissive Regular Expression in the VerificationPolicy module when matching refSource.URI. An attacker can alter verification modes or keys and potentially compromise the integrity of CI/CD pipelines by supplying resources whose source...
CVE-2026-25542
Tekton Pipelines CVE-2026-25542 affects versions 0.43.0–1.11.0. The vulnerability arises because trusted resources verification policies compare refSource.URI against spec.resources[].pattern using Go’s regexp.MatchString, which reports a match if the pattern appears anywhere in the string. Unanc...
PT-2026-34001
Name of the Vulnerable Software and Affected Versions Tekton Pipelines versions 0.43.0 through 1.11.0 Description Trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern using the regexp.MatchString function. Because this function report...
org.keycloak.protocol.services: Keycloak hostname verification
A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended...
GHSA-HW58-3793-42GG Keycloak hostname verification
A flaw was found in Keycloak. By setting a verification policy to 'ANY', the trust store certificate verification is skipped, which is unintended...
GHSA-R934-W73G-V4P8 Duplicate Advisory: Keycloak hostname verification
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hw58-3793-42gg. This link is maintained to preserve external references. Original Description A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is...
CVE-2025-3501
A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended...
PT-2025-18207 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw was found in Keycloak where setting a verification policy to 'ALL' skips the trust store certificate verification, which is unintended. Recommendations: At the moment, there is no...
PHP Multiple Vulnerabilities (Sep 2009)
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...
PHP 5.2.10 and earlier versions have multiple security vulnerabilities
Bugtraq ID: 36449. PHP is a popular web programming language. PHP has multiple unspecified security issues, as follows: - A certificate validation problem exists in php_openssl_apply_verification_policy. - imagecolortransparent lacks sufficient filtering checks on the color index. - EXIF handling lacks sufficient filtering checks. Affected versions: PHP 5.2.10, 5.2.9-2, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2....