Vulnerabilities > Portainer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2022-24961 | Unspecified vulnerability in Portainer In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days. | 7.5 |
| 2021-10-29 | CVE-2021-41874 | Unspecified vulnerability in Portainer An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information. | 7.5 |
| 2021-10-18 | CVE-2021-42650 | Cross-site Scripting vulnerability in Portainer Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates. | 4.3 |
| 2021-03-16 | CVE-2020-24264 | Incorrect Authorization vulnerability in Portainer Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. | 10.0 |
| 2021-03-16 | CVE-2020-24263 | Incorrect Permission Assignment for Critical Resource vulnerability in Portainer Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. | 6.5 |
| 2019-11-07 | CVE-2019-16878 | Cross-site Scripting vulnerability in Portainer Portainer before 1.22.1 has XSS (issue 2 of 2). | 3.5 |
| 2019-11-07 | CVE-2019-16877 | Unspecified vulnerability in Portainer Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4). | 6.5 |
| 2019-11-07 | CVE-2019-16876 | Path Traversal vulnerability in Portainer Portainer before 1.22.1 allows Directory Traversal. | 5.0 |
| 2019-11-07 | CVE-2019-16872 | Unspecified vulnerability in Portainer Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4). | 9.0 |
| 2019-11-07 | CVE-2019-16874 | Unspecified vulnerability in Portainer Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4). | 4.0 |