Vulnerabilities > Portainer

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2022-24961 Unspecified vulnerability in Portainer
In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days.
network
low complexity
portainer
7.5
2021-10-29 CVE-2021-41874 Unspecified vulnerability in Portainer
An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information.
network
low complexity
portainer
7.5
2021-10-18 CVE-2021-42650 Cross-site Scripting vulnerability in Portainer
Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.
network
portainer CWE-79
4.3
2021-03-16 CVE-2020-24264 Incorrect Authorization vulnerability in Portainer
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution.
network
low complexity
portainer CWE-863
critical
10.0
2021-03-16 CVE-2020-24263 Incorrect Permission Assignment for Critical Resource vulnerability in Portainer
Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution.
network
low complexity
portainer CWE-732
6.5
2019-11-07 CVE-2019-16878 Cross-site Scripting vulnerability in Portainer
Portainer before 1.22.1 has XSS (issue 2 of 2).
network
portainer CWE-79
3.5
2019-11-07 CVE-2019-16877 Unspecified vulnerability in Portainer
Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4).
network
low complexity
portainer
6.5
2019-11-07 CVE-2019-16876 Path Traversal vulnerability in Portainer
Portainer before 1.22.1 allows Directory Traversal.
network
low complexity
portainer CWE-22
5.0
2019-11-07 CVE-2019-16872 Unspecified vulnerability in Portainer
Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4).
network
low complexity
portainer
critical
9.0
2019-11-07 CVE-2019-16874 Unspecified vulnerability in Portainer
Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4).
network
low complexity
portainer
4.0