Filtered by vendor Mulesoft
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-6937 | 1 Mulesoft | 1 Mule Runtime | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion. | |||||
CVE-2020-10991 | 1 Mulesoft | 1 Aplkit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java | |||||
CVE-2019-15631 | 1 Mulesoft | 2 Api Gateway, Mule Runtime | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code. | |||||
CVE-2019-15630 | 1 Mulesoft | 2 Api Gateway, Mule Runtime | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process. | |||||
CVE-2019-13116 | 1 Mulesoft | 1 Mule Runtime | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The MuleSoft Mule Community Edition runtime engine before 3.8 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections | |||||
CVE-2014-9000 | 1 Mulesoft | 1 Mule Enterprise Management Console | 2024-11-21 | 6.5 MEDIUM | N/A |
Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB Runtime 3.5.1, but it originates in MMC. |