4 matches found
CVE-2019-15630
CVE-2019-15630 describes a directory traversal vulnerability affecting MuleSoft products: APIkit, HTTP connector, and OAuth2 Provider components in Mule Runtime 3.x/4.x and all MuleSoft API Gateway versions released before August 1, 2019. The issue permits remote attackers to read files accessibl...
CVE-2019-13116
CVE-2019-13116 affects MuleSoft Mule Community Edition runtime prior to 3.8, where Java deserialization tied to Apache Commons Collections enables remote code execution. Public sources in connected documents identify the underlying issue and confirm the vulnerability class. Remediation details pr...
CVE-2020-6937
CVE-2020-6937 is a Denial of Service vulnerability affecting MuleSoft Mule CE/EE (Community and Enterprise Editions) versions 3.8.x, 3.9.x, and 4.x released before 7 Apr 2020. The issue allows remote attackers to submit data, causing resource exhaustion. Public references in NVD describe the vuln...
CVE-2019-15631
CVE-2019-15631 is a remote code execution vulnerability affecting MuleSoft Mule CE/EE 3.x and API Gateway 2.x, described as exploitable to run arbitrary code by a remote attacker and linked to releases before 31 October 2019. The connected records consistently identify the affected product family...