OpenShift Container Platform Environment Variable Injection Vulnerability in Docker Builds

Vulnerability

A vulnerability exists in the OpenShift Container Platform build system that allows users with the 'edit' ClusterRole to inject arbitrary environment variables into 'docker-build' containers via the 'buildconfigs/instantiate' API. This issue, which stems from an incomplete fix for a prior vulnerability, could lead to information disclosure by compromising the confidentiality of build traffic.

Impact

Exploitation of this vulnerability could result in unauthorized injection of environment variables, potentially leading to information disclosure through the interception and manipulation of build traffic.

Reproduction

A user with the 'edit' ClusterRole can reproduce the vulnerability by injecting arbitrary environment variables, such as 'LD_PRELOAD' or 'http_proxy', into 'docker-build' containers through the 'buildconfigs/instantiate' API. The injected variables propagate to the 'docker-build' container, which remains privileged.
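
For detection, the following added example (not part of the original advisory or of OpenShift itself) scans API audit events for 'buildconfigs/instantiate' requests whose BuildRequest 'env' list carries loader or proxy variables. It assumes audit logging records request bodies; the sample events, user names and the variable names beyond 'LD_PRELOAD' and 'http_proxy' are constructed or assumed.

```python
import json

# The advisory names LD_PRELOAD and http_proxy; the other entries are assumed
# additions covering the same two classes (dynamic loader, proxy settings).
SUSPECT_PREFIXES = ("LD_",)
SUSPECT_NAMES = {"http_proxy", "https_proxy", "all_proxy", "no_proxy"}

# Constructed audit events in audit.k8s.io/v1 shape; not from a real cluster.
SAMPLE_AUDIT_LOG = """\
{"verb":"create","user":{"username":"dev-alice"},"objectRef":{"resource":"buildconfigs","subresource":"instantiate","namespace":"team-a","name":"web"},"requestObject":{"kind":"BuildRequest","env":[{"name":"http_proxy","value":"http://proxy.example.invalid:3128"},{"name":"APP_ENV","value":"ci"}]}}
{"verb":"create","user":{"username":"dev-bob"},"objectRef":{"resource":"buildconfigs","subresource":"instantiate","namespace":"team-b","name":"api"},"requestObject":{"kind":"BuildRequest","env":[{"name":"BUILD_LOGLEVEL","value":"2"}]}}
{"verb":"create","user":{"username":"dev-carol"},"objectRef":{"resource":"buildconfigs","subresource":"instantiate","namespace":"team-c","name":"job"},"requestObject":{"kind":"BuildRequest","env":[{"name":"LD_PRELOAD","value":"/tmp/x.so"}]}}
{"verb":"create","user":{"username":"dev-dave"},"objectRef":{"resource":"buildconfigs","subresource":"instantiate","namespace":"team-d","name":"svc"}}
{"verb":"get","user":{"username":"dev-alice"},"objectRef":{"resource":"buildconfigs","namespace":"team-a","name":"web"}}
not-json line from a truncated log
"""

def is_suspect(name):
    """True for loader (LD_*) or proxy variable names, case-insensitively."""
    return name.upper().startswith(SUSPECT_PREFIXES) or name.lower() in SUSPECT_NAMES

def scan(log_text):
    """Return (findings, no_body): flagged requests, and instantiate events
    logged without a request body, which cannot be evaluated."""
    findings, no_body = [], 0
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if not isinstance(ev, dict):
            continue
        ref = ev.get("objectRef") or {}
        key = (ev.get("verb"), ref.get("resource"), ref.get("subresource"))
        if key != ("create", "buildconfigs", "instantiate"):
            continue
        body = ev.get("requestObject")
        if body is None:
            no_body += 1  # metadata-only event: env list not recorded
            continue
        hits = sorted(e.get("name", "") for e in body.get("env") or []
                      if is_suspect(e.get("name", "")))
        if hits:
            user = (ev.get("user") or {}).get("username")
            findings.append((user, ref.get("namespace"), ref.get("name"), hits))
    return findings, no_body

if __name__ == "__main__":
    print(scan(SAMPLE_AUDIT_LOG))
```

A non-zero second value means some instantiate requests were logged without bodies, so the absence of findings for them proves nothing.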

Added: Apr 28, 2026, 1:22 PM
Updated: Apr 28, 2026, 1:22 PM

Vulnerability Rating

Custom Algorithm
spread: 5.0
impact: 0.6
exploitability: 5.1
remediation: 0.0
relevance: 6.5
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.