github.com/portainer/agent is vulnerable to information disclosure. The API server may continue running even after the associated Portainer
instance connection is terminated allowing remote attackers to gain access to sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/portainer/agent | le | 2.11.0 | |
github.com/portainer/agent | le | 2.11.0 |
github.com/portainer/agent/commit/e39fe0173fc4e63da02c56d10ca11f9967ed2e07
github.com/portainer/agent/compare/2.11.0...2.11.1
github.com/portainer/agent/pull/225
github.com/portainer/agent/pull/225/commits/a66977c76043fcff4a8f69c4b65988272d27c01f
github.com/portainer/portainer/issues/6420
www.portainer.io/blog/should-you-expose-portainer-or-agent-to-the-internet