← Back

Api Gateway

api_gateway

Vendor: Mulesoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-15631
1Mulesoft
2Api Gateway
Mule Runtime
Nov 21, 2024
Dec 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code.
CVE-2019-15630
1Mulesoft
2Api Gateway
Mule Runtime
Nov 21, 2024
Aug 30, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019,...Show more
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.Show less