ГлавнаяУязвимости → CVE-2026-1784
8.8высокая

CVE-2026-1784

Описание

The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.

Затрагиваемое ПО
Redhat Openshift container platform
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2026:23241https://access.redhat.com/errata/RHSA-2026:23246https://access.redhat.com/errata/RHSA-2026:25045https://access.redhat.com/errata/RHSA-2026:25182https://access.redhat.com/errata/RHSA-2026:25194https://access.redhat.com/errata/RHSA-2026:26543https://access.redhat.com/errata/RHSA-2026:28893https://access.redhat.com/errata/RHSA-2026:28964