This Jira only contains impact assessment for OCPBUGS-15333 (for 4.14), OCPBUGS-15335 (for 4.13.z), and OCPBUGS-15535 (for 4.12.z). Check the bug for more details. This issue does not appear for the PipelineRuns. We noticed it only happened when Pipeline is get created from the Import from Git form and when the user Rerun the PipelineRun from the Console. And this issue can be resolved by removing the incorrect annotation 'tekton.dev/v1beta1TaskRuns' from the PipelineRun.

Which 4.y.z to 4.y'.z' updates increase vulnerability?

• 4.12.9 and 4.13.1

Which types of clusters?

• 4.12.9+, 4.13.1+ with Red Hat Pipeline Operator 1.11

What is the impact? Is it serious enough to warrant removing update recommendations?

• When the user creates a Pipeline using the Import from Git flow and Rerun the PipelineRun from the console UI then PipelineRun failed with error in the log like `'Tasks Completed: 3 (Failed: 1, Cancelled 0), Skipped: 1.'`. This issue can be resolved by removing the incorrect annotation 'tekton.dev/v1beta1TaskRuns' from the PipelineRun.

How involved is remediation?

• PipelineRun will run successfully after removing the incorrect annotation 'tekton.dev/v1beta1TaskRuns' from the PipelineRun.

Is this a regression?

• Yes, from 4.12.9 and 4.13.1
• example: Yes, from 4.y.z to 4.y+1.z Or 4.y.z to 4.y.z+1.