CVE-2026-1784
EUVD-2026-3388302.06.2026, 09:16
The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | openshift_container_platform | 4.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Red Hat | Red Hat OpenShift Container Platform 4.13 | 1781123014 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.14 | 1781870101 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.15 | 1781928857 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.16 | 1780962617 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.18 | 1780988280 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.19 | 1780043338 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.20 | 1780990977 ≤ 𝑥 < * | ADP |
| Red Hat | Red Hat OpenShift Container Platform 4.21 | 1780444348 ≤ 𝑥 < * | ADP |
Common Weakness Enumeration
References