93 matches found
Mule modules contain Directory Traversal
Directory Traversal in APIkit, http-connector, and OAuth2 Provider modules in Mulesoft 3.x, 4.x and Mulesoft API Gateway all versions released before August 1, 2019 allow remote attackers to read files accessible to the Mule process...
MuleSoft Mule 代码问题漏洞
Mulesoft MuleSoft Mule is a lightweight integration platform from the US company MuleSoft Mulesoft. The platform supports message routing, data mapping, etc. between management nodes. A security vulnerability exists in MuleSoft Mule that stems from MuleSoft's discovery of an XML External Entity X...
CVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...
CVE-2021-1628
MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...
CVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...
CVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...
CVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...
CVE-2021-1628
MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...
Server side request forgery (ssrf)
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...
Remote code execution
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...
Xxe
MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...
CVE-2021-1628
CVE-2021-1628 : MuleSoft’s XXE vulnerability affects MuleSoft Mule 4.x runtime versions released before 2 Feb 2021, impacting both CloudHub and on‑premise deployments. The issue stems from XML External Entity handling in the Mule runtime component. The connected documents confirm the affected pro...
CVE-2021-1628
MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...
CVE-2021-1627
CVE-2021-1627 affects MuleSoft Mule runtime components (CloudHub and on‑premise) with SSRF in Mule 3.8.x, 3.9.x, and 4.x released before 2021-02-02. Documented impact per CVSS metrics: CVSS2 base 7.5 (HIGH) and CVSS3.1 base 9.8 (CRITICAL) with network attack vector, no authentication, and partial...
CVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...
CVE-2021-1626
CVE-2021-1626 affects MuleSoft Mule runtime components, potentially impacting CloudHub and on‑premise deployments. Affected versions are Mule 4.1.x and 4.2.x released before February 2, 2021. The connected documents confirm the remote code execution impact but do not provide an explicit fix versi...
CVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...
MuleSoft Mule 安全漏洞
Mulesoft MuleSoft Mule is a lightweight integration platform from the US company MuleSoft Mulesoft. The platform supports message routing, data mapping, etc. between management nodes. A security vulnerability exists in MuleSoft Mule, which can be exploited by attackers to remotely execute arbitra...
MuleSoft Mule 代码问题漏洞
Mulesoft MuleSoft Mule is a lightweight integration platform from the US company MuleSoft Mulesoft. The platform supports management of message routing between nodes, data mapping, and more. A security vulnerability exists in MuleSoft Mule 4.x runtime released before February 2, 2021, which...
MuleSoft Mule Resource Management Error Vulnerability
MuleSoft Mule is a lightweight integration platform from MuleSoft, USA. The platform supports management of message routing between nodes, data mapping, and more. A security vulnerability exists in MuleSoft Mule Community and Enterprise Editions versions 3.8.x, 3.9.x, and 4.x released before Apri...