Skip to main content

Spinnaker CVE-2026-32604

| EUVDEUVD-2026-23963 CRITICAL
Improper Input Validation (CWE-20)
2026-04-20 GitHub_M GHSA-x3j7-7pgj-h87r
9.9
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
9.9 CRITICAL
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

8
Patch released
Apr 23, 2026 - 18:30 nvd
Patch available
Re-analysis Queued
Apr 21, 2026 - 16:22 vuln.today
cvss_changed
Patch available
Apr 20, 2026 - 22:31 EUVD
Analysis Generated
Apr 20, 2026 - 21:44 vuln.today
CVSS changed
Apr 20, 2026 - 21:22 NVD
10.0 (CRITICAL) 9.9 (CRITICAL)
EUVD ID Assigned
Apr 20, 2026 - 21:15 euvd
EUVD-2026-23963
Analysis Generated
Apr 20, 2026 - 21:15 vuln.today
CVE Published
Apr 20, 2026 - 20:00 nvd
CRITICAL 9.9

DescriptionGitHub Advisory

Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2 contain a patch. As a workaround, disable the gitrepo artifact types.

AnalysisAI

Remote code execution in Spinnaker's clouddriver component allows authenticated attackers to execute arbitrary commands on clouddriver pods via gitrepo artifact processing. Affects all versions prior to patched releases 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2. The vulnerability enables credential theft, file manipulation, and resource injection with minimal complexity (CVSS 9.9, AV:N/AC:L/PR:L). EPSS data not available; no public exploit or active exploitation confirmed at time of analysis, but the attack simplicity and multi-cloud CD platform context create high risk for supply chain compromise in containerized environments.

Technical ContextAI

Spinnaker is a multi-cloud continuous delivery platform developed by Netflix, commonly deployed in Kubernetes environments to orchestrate application deployments across AWS, GCP, Azure, and other cloud providers. The clouddriver component serves as Spinnaker's primary integration point with cloud providers and artifact sources. This vulnerability (CWE-20: Improper Input Validation) exists in the gitrepo artifact type handler within clouddriver. When processing git repository artifacts, insufficient validation of user-supplied input allows command injection, enabling attackers to execute arbitrary shell commands within the clouddriver pod's security context. The CPE cpe:2.3:a:spinnaker:spinnaker identifies the affected platform broadly, with the vulnerability specifically impacting versions across multiple release branches (2025.3.x, 2025.4.x, 2026.0.x) prior to the patched versions. The scope change (S:C in CVSS) indicates the vulnerability can impact resources beyond the clouddriver container itself, likely due to the component's privileged access to cloud credentials and Kubernetes cluster resources.

RemediationAI

Upgrade to vendor-released patched versions: 2026.1.0, 2026.0.1, 2025.4.2, or 2025.3.2 depending on your current release branch (https://github.com/spinnaker/spinnaker/releases). For immediate mitigation if patching is delayed, disable gitrepo artifact types in Spinnaker configuration (clouddriver.yml or halyard config). This workaround prevents exploitation but will break pipelines dependent on git repository artifacts - test impact on existing deployments before applying. Alternative compensating controls include restricting network access to Spinnaker API/UI to trusted networks only (limits AV:N exposure), implementing strict authentication controls to minimize PR:L attack surface, and monitoring clouddriver pod exec events via Kubernetes audit logs for suspicious command execution. If gitrepo artifacts must remain enabled pre-patch, apply strict input validation at pipeline definition level and restrict repository sources to trusted internal git servers only. Note that disabling gitrepo artifacts requires pipeline reconfiguration and may necessitate alternative artifact delivery mechanisms (Docker registry, S3, GCS). Review clouddriver pod service account permissions and apply least-privilege principles to limit blast radius of successful exploitation.

Share

CVE-2026-32604 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy