Portainer: >> Portainer >> 1.24.2 Security Vulnerabilities
Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-10-02
Portainer before 2.20.0 allows redirects when the target is not index.yaml.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-04-26
In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-02-11
Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-18