CVE-2026-1784

EUVD-2026-33883
The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
redhatopenshift_container_platform
4.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
Red HatRed Hat OpenShift Container Platform 4.13
1781123014 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.14
1781870101 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.15
1781928857 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.16
1780962617 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.18
1780988280 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.19
1780043338 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.20
1780990977 ≤
𝑥
< *
ADP
Red HatRed Hat OpenShift Container Platform 4.21
1780444348 ≤
𝑥
< *
ADP