Lucene search
K

93 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 4:55 p.m.24 views

Mule modules contain Directory Traversal

Directory Traversal in APIkit, http-connector, and OAuth2 Provider modules in Mulesoft 3.x, 4.x and Mulesoft API Gateway all versions released before August 1, 2019 allow remote attackers to read files accessible to the Mule process...

7.5CVSS6.8AI score0.02998EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/08/05 12:0 a.m.3 views

MuleSoft Mule 代码问题漏洞

Mulesoft MuleSoft Mule is a lightweight integration platform from the US company MuleSoft Mulesoft. The platform supports message routing, data mapping, etc. between management nodes. A security vulnerability exists in MuleSoft Mule that stems from MuleSoft's discovery of an XML External Entity X...

7.5CVSS7.3AI score0.01074EPSS
Exploits0References1
NVD
NVD
added 2021/03/26 5:15 p.m.19 views

CVE-2021-1626

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

9.8CVSS0.02031EPSS
Exploits0References1
NVD
NVD
added 2021/03/26 5:15 p.m.27 views

CVE-2021-1628

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

9.8CVSS0.01198EPSS
Exploits0References1
OSV
OSV
added 2021/03/26 5:15 p.m.16 views

CVE-2021-1627

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

9.8CVSS6.9AI score
Exploits0References1
NVD
NVD
added 2021/03/26 5:15 p.m.16 views

CVE-2021-1627

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

9.8CVSS0.01043EPSS
Exploits0References1
OSV
OSV
added 2021/03/26 5:15 p.m.10 views

CVE-2021-1626

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

9.8CVSS7.6AI score
Exploits0References1
OSV
OSV
added 2021/03/26 5:15 p.m.8 views

CVE-2021-1628

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

9.8CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2021/03/26 5:15 p.m.12 views

Server side request forgery (ssrf)

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

7.5CVSS9.4AI score0.01043EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/03/26 5:15 p.m.17 views

Remote code execution

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

7.5CVSS9.6AI score0.02031EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/03/26 5:15 p.m.13 views

Xxe

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

7.5CVSS9.4AI score0.01198EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/26 4:19 p.m.175 views

CVE-2021-1628

CVE-2021-1628 : MuleSoft’s XXE vulnerability affects MuleSoft Mule 4.x runtime versions released before 2 Feb 2021, impacting both CloudHub and on‑premise deployments. The issue stems from XML External Entity handling in the Mule runtime component. The connected documents confirm the affected pro...

9.8CVSS9.4AI score0.01198EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/26 4:19 p.m.26 views

CVE-2021-1628

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

9.6AI score0.01198EPSS
Exploits0References1
CVE
CVE
added 2021/03/26 4:17 p.m.172 views

CVE-2021-1627

CVE-2021-1627 affects MuleSoft Mule runtime components (CloudHub and on‑premise) with SSRF in Mule 3.8.x, 3.9.x, and 4.x released before 2021-02-02. Documented impact per CVSS metrics: CVSS2 base 7.5 (HIGH) and CVSS3.1 base 9.8 (CRITICAL) with network attack vector, no authentication, and partial...

9.8CVSS9.4AI score0.01043EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/26 4:17 p.m.24 views

CVE-2021-1627

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

9.7AI score0.01043EPSS
Exploits0References1
CVE
CVE
added 2021/03/26 4:17 p.m.38 views

CVE-2021-1626

CVE-2021-1626 affects MuleSoft Mule runtime components, potentially impacting CloudHub and on‑premise deployments. Affected versions are Mule 4.1.x and 4.2.x released before February 2, 2021. The connected documents confirm the remote code execution impact but do not provide an explicit fix versi...

9.8CVSS9.7AI score0.02031EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/03/26 4:17 p.m.23 views

CVE-2021-1626

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

9.9AI score0.02031EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/26 12:0 a.m.3 views

MuleSoft Mule 安全漏洞

Mulesoft MuleSoft Mule is a lightweight integration platform from the US company MuleSoft Mulesoft. The platform supports message routing, data mapping, etc. between management nodes. A security vulnerability exists in MuleSoft Mule, which can be exploited by attackers to remotely execute arbitra...

9.8CVSS8.6AI score0.02031EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/26 12:0 a.m.5 views

MuleSoft Mule 代码问题漏洞

Mulesoft MuleSoft Mule is a lightweight integration platform from the US company MuleSoft Mulesoft. The platform supports management of message routing between nodes, data mapping, and more. A security vulnerability exists in MuleSoft Mule 4.x runtime released before February 2, 2021, which...

9.8CVSS8.3AI score0.01198EPSS
Exploits0References2
CNVD
CNVD
added 2020/06/01 12:0 a.m.2 views

MuleSoft Mule Resource Management Error Vulnerability

MuleSoft Mule is a lightweight integration platform from MuleSoft, USA. The platform supports management of message routing between nodes, data mapping, and more. A security vulnerability exists in MuleSoft Mule Community and Enterprise Editions versions 3.8.x, 3.9.x, and 4.x released before Apri...

7.5CVSS6.7AI score0.01245EPSS
Exploits0References1
Rows per page
Query Builder