Product Release Advisory -VMware Tanzu Gemfire

VMware Tanzu Gemfire

0 more products

25543

26 March 2025

26 March 2025

CLOSED

CRITICAL

10.0

Multiple - see advisory

Product Release Advisory

Advisory ID:

TNZ-2025-016

Severity:

Critical

Issue Date:

2025-03-21

Updated on:

2025-03-26

Synopsis

Bumped multiple dependencies, which resulted in at least 6 CVEs remediated in this release

Product Version Release Advisory

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

DOMPurify

CVE-2024-47875 (critical) 

CVE-2024-45801 (high)
CVE-2025-26791 (medium)

Netty

CVE-2024-47535 (medium) 

Jetty

CVE-2024-8184 (medium)
CVE-2024-6763 (medium)

History

2025-03-26: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories
https://support.broadcom.com/group/ecx/security-advisory?segment=VT