Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mulesoft mule runtime vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021.
Salesforce Mule
7.5
CVSSv2
CVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021.
Salesforce Mule
7.5
CVSSv2
CVE-2021-1628
MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021.
Salesforce Mule
5
CVSSv2
CVE-2020-6937
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote malicious users to submit data which can lead to resource exhaustion.
Mulesoft Mule Runtime
7.5
CVSSv2
CVE-2019-15631
Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote malicious users to execute arbitrary code.
Mulesoft Api Gateway
Mulesoft Mule Runtime
7.5
CVSSv2
CVE-2019-13116
The MuleSoft Mule Community Edition runtime engine prior to 3.8 allows remote malicious users to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections
Mulesoft Mule Runtime
5
CVSSv2
CVE-2019-15630
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before Au...
Mulesoft Api Gateway
Mulesoft Mule Runtime
6.5
CVSSv2
CVE-2014-9000
Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was original...
Mulesoft Mule Enterprise Management Console -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started