Insufficient Validation in OpenShift Resource for HAProxy Configuration
CVE-2026-1784

8.8 HIGH

What is CVE-2026-1784?

A vulnerability exists in the OpenShift Route resource: the spec.path YAML stanza in Route documents is improperly validated. This flaw could enable attackers to inject attacker-controlled configuration into HAProxy, potentially compromising the routing and accessibility of pods. Users are advised to review their Route configurations closely and apply the recommended security patches to mitigate this issue.

Affected Version(s)

Red Hat OpenShift Container Platform 4.13 1781123014

Red Hat OpenShift Container Platform 4.16 1780962617

Red Hat OpenShift Container Platform 4.18 1780988280

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
