Mule Runtime

mule_runtime

Vendor: Mulesoft • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-6937 1Mulesoft 1Mule Runtime Nov 21, 2024 May 29, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2019-15631 1Mulesoft 2Api Gateway Mule Runtime Nov 21, 2024 Dec 2, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code.
CVE-2019-13116 1Mulesoft 1Mule Runtime Nov 21, 2024 Oct 16, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The MuleSoft Mule Community Edition runtime engine before 3.8 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections
CVE-2019-15630 1Mulesoft 2Api Gateway Mule Runtime Nov 21, 2024 Aug 30, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019,...Show more Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.Show less