mulesoft
Top products
Latest CVEs
The 6 most recently published vulnerabilities affecting mulesoft.
- CVE-2020-6937A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.7.5
- CVE-2020-10991Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java9.8
- CVE-2019-15631Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code.9.8
- CVE-2019-13116The MuleSoft Mule Community Edition runtime engine before 3.8 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections9.8
- CVE-2019-15630Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher release...7.5
- CVE-2014-9000Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbit...6.5