Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mulesoft Subscribe
Filtered by product Mule Runtime
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6937 1 Mulesoft 1 Mule Runtime 2021-07-21 5.0 MEDIUM 7.5 HIGH
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2019-15631 1 Mulesoft 2 Api Gateway, Mule Runtime 2019-12-13 7.5 HIGH 9.8 CRITICAL
Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code.
CVE-2019-13116 1 Mulesoft 1 Mule Runtime 2019-10-29 7.5 HIGH 9.8 CRITICAL
The MuleSoft Mule Community Edition runtime engine before 3.8 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections
CVE-2019-15630 1 Mulesoft 2 Api Gateway, Mule Runtime 2019-09-05 5.0 MEDIUM 7.5 HIGH
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.