Vulnerabilities > Portainer > Portainer > 1.22.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2022-24961 | Unspecified vulnerability in Portainer In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days. | 7.5 |
| 2021-10-18 | CVE-2021-42650 | Cross-site Scripting vulnerability in Portainer Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates. | 4.3 |
| 2021-03-16 | CVE-2020-24264 | Incorrect Authorization vulnerability in Portainer Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. | 10.0 |
| 2021-03-16 | CVE-2020-24263 | Incorrect Permission Assignment for Critical Resource vulnerability in Portainer Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. | 6.5 |