Description
A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such as `LD_PRELOAD` or `http_proxy`, into `docker-build` containers through the `buildconfigs/instantiate` API. This incomplete fix for a previous vulnerability allows for information disclosure, specifically impacting the confidentiality of build traffic.
Published: 2026-04-28
Score: 4.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the OpenShift Container Platform build system allows a user with the edit ClusterRole to inject arbitrary environment variables, such as LD_PRELOAD or http_proxy, into docker-build containers through the buildconfigs/instantiate API. This capability enables the attacker to influence the build environment and potentially expose sensitive build traffic, directly compromising the confidentiality of data processed during builds. The vulnerability is a result of incomplete remediation for a prior issue and is classified under CWE-426.

Affected Systems

The affected system is Red Hat OpenShift Container Platform 4. Specific product versions are not listed in the CNA data, so all current 4.x releases should be treated as potentially affected until a fixed version is released.

Risk and Exploitability

With a CVSS score of 4.3, the vulnerability is deemed moderate in severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires a user with edit role privileges within the cluster, implying that the threat is limited to insiders or compromised accounts rather than external attackers. The impact is primarily a loss of confidentiality for build traffic rather than denial of service or code execution.

Generated by OpenCVE AI on April 28, 2026 at 19:19 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.


OpenCVE Recommended Actions

  • Restrict or remove the ClusterRole 'edit' from users who do not require it, ensuring that only trusted users can instantiate build configurations.
  • Review and sanitize environment variables in Docker build processes, blocking or filtering out sensitive variables such as LD_PRELOAD and http_proxy before they reach the build container.
  • Monitor Red Hat security advisories for an official fix and upgrade the OpenShift Container Platform to a version that addresses the vulnerability as soon as it becomes available.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 10:15:00 +0000

  First Time appeared
    Values Added: Redhat openshift Container Platform
  Vendors & Products
    Values Added: Redhat openshift Container Platform

Wed, 29 Apr 2026 00:15:00 +0000

  References
  Metrics
    Values Removed: threat_severity: None
    Values Added: threat_severity: Moderate

Tue, 28 Apr 2026 15:15:00 +0000

  Metrics
    Values Added: ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 28 Apr 2026 13:15:00 +0000

  Description
    Values Added: A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such as `LD_PRELOAD` or `http_proxy`, into `docker-build` containers through the `buildconfigs/instantiate` API. This incomplete fix for a previous vulnerability allows for information disclosure, specifically impacting the confidentiality of build traffic.
  Title
    Values Added: Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection
  First Time appeared
    Values Added: Redhat; Redhat openshift
  Weaknesses
    Values Added: CWE-426
  CPEs
    Values Added: cpe:/a:redhat:openshift:4
  Vendors & Products
    Values Added: Redhat; Redhat openshift
  References
  Metrics
    Values Added: cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-28T13:32:18.056Z

Reserved: 2026-04-28T12:24:35.368Z

Link: CVE-2026-7309

Vulnrichment

Updated: 2026-04-28T13:32:14.883Z

NVD

Status: Awaiting Analysis

Published: 2026-04-28T13:19:24.847

Modified: 2026-04-28T20:23:20.703

Link: CVE-2026-7309

Redhat

Severity: Moderate

Public Date: 2026-04-28T00:00:00Z

Links: CVE-2026-7309 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-29T10:00:09Z

Weaknesses