{"id":"CVE-2021-1630","details":"XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.","modified":"2026-04-11T21:23:20.849377Z","published":"2021-08-05T21:15:10.003Z","references":[{"type":"ADVISORY","url":"https://help.salesforce.com/articleView?id=000362693&type=1&mode=1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mulesoft/mule","events":[{"introduced":"29bba0f231c144bb78c0b1ce076d3e795918d16d"},{"fixed":"4a7afd99415c8cf55d5457f7669f6e83b800a7bb"}],"database_specific":{"versions":[{"introduced":"3.0.0"},{"fixed":"4.3.0"}]}}],"database_specific":{"vanir_signatures_modified":"2026-04-11T21:23:20Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-1630.json","vanir_signatures":[{"target":{"file":"core-tests/src/test/java/org/mule/runtime/core/internal/execution/FlowProcessMediatorTestCase.java"},"source":"https://github.com/mulesoft/mule/commit/4a7afd99415c8cf55d5457f7669f6e83b800a7bb","digest":{"line_hashes":["206013660405118472099462306571550273066","322805366210000275933584203637163022112","281490025932657788537477237418045772419","187119944019147953453932228628449550368","317779795611048870212140154797763515379","129159956497433075458720797567502853154","76018829777303738080019715477886483478","187175473493017642334168869306889163594"],"threshold":0.9},"signature_version":"v1","signature_type":"Line","id":"CVE-2021-1630-251402a3","deprecated":false},{"target":{"file":"core/src/main/java/org/mule/runtime/core/internal/execution/FlowProcessMediator.java"},"source":"https://github.com/mulesoft/mule/commit/4a7afd99415c8cf55d5457f7669f6e83b800a7bb","digest":{"line_hashes":["206013660405118472099462306571550273066","184908311021442019244910854151327032353","94846224986268267774403823860940932594","258239380244891748134380476374563231598","98778845877682511103407157276538980750","130935276404303902423497125024524374610","258154080277559162823642913928007590043","15550409256088347154559686785146549728"],"threshold":0.9},"signature_version":"v1","signature_type":"Line","id":"CVE-2021-1630-e66e789d","deprecated":false}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}