Affected by GO-2023-1901
and 7 other vulnerabilities
GO-2023-1901: Pipelines do not validate child UIDs in github.com/tektoncd/pipeline
GO-2026-4730: Tekton Pipelines controller panic via long resolver name in TaskRun/PipelineRun in github.com/tektoncd/pipeline
GO-2026-4761: Path traversal in Tekton Pipelines git resolver allows reading arbitrary files from the resolver pod in github.com/tektoncd/pipeline
GO-2026-5272: Tekton Pipeline: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE in github.com/tektoncd/pipeline
GO-2026-5486: Tekton Pipelines: HTTP Resolver Unbounded Response Body Read Enables Denial of Service via Memory Exhaustion in github.com/tektoncd/pipeline
GO-2026-5630: Tekton Pipelines has VerificationPolicy regex pattern bypass via substring matching in github.com/tektoncd/pipeline
GO-2026-5643: Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check in github.com/tektoncd/pipeline
GO-2026-5711: Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL in github.com/tektoncd/pipeline
GetVirtualLimitRange returns a pointer to a single LimitRange representing the most restrictive
requirements of all LimitRanges present in the namespace, or a nil pointer if there are no LimitRanges.
This LimitRange meets the following constraints:
- Its max is the smallest max of all the LimitRanges
- Its min is the largest min of all the LimitRanges
- Its maxLimitRequestRatio is the smallest maxLimitRequestRatio of all the LimitRanges
- Its default is the smallest default of any of the LimitRanges that fits within the minimum and maximum
- Its defaultRequest is the smallest defaultRequest of any of the LimitRanges that fits within the minimum and maximum
This function isn't guaranteed to return a LimitRange with consistent constraints.
For example, the minimum could be greater than the maximum.