Product Release Advisory - VMware Tanzu for Valkey on Kubernetes 1.1.0

VMware Tanzu Data Services

5 more products

35839

18 June 2025

18 June 2025

CLOSED

CRITICAL

9.8

See CVE list in advisory

Product Release Advisory

Advisory ID:

TNZ-2025-0027

Severity:

Critical

Issue Date:

June 18, 2025

Updated on:

June 18, 2025

Synopsys

Bumped multiple dependency updates, which resulted in 48 CVEs remediated in this release.

Product Version Release Advisory

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

tanzu-valkey-kubernetes

CVE-2023-29405 (critical)

CVE-2023-24540 (critical)

CVE-2025-22871 (critical)

CVE-2023-45853 (critical)

CVE-2024-24790 (critical)

CVE-2022-0543 (critical)

CVE-2023-29404 (critical)

CVE-2023-24531 (critical)

CVE-2023-29402 (critical)

​​CVE-2024-24791 (high)

CVE-2023-29400 (high)

CVE-2023-31484 (high)

CVE-2024-46981 (high)

CVE-2024-34156 (high)

CVE-2023-45285 (high)

CVE-2024-24784 (high)

CVE-2023-39323 (high)

CVE-2025-22866 (high)

CVE-2024-56406 (high)

CVE-2023-45287 (high)

CVE-2025-31115 (high)

CVE-2023-29403 (high)

CVE-2024-34158 (high)

CVE-2023-24539 (high)

​​CVE-2023-45288 (high)

CVE-2023-39326 (medium)

CVE-2024-24787 (medium)

CVE-2024-45341 (medium)

CVE-2024-24789 (medium)

CVE-2023-45290 (medium)

CVE-2024-52522 (medium)

CVE-2023-39318 (medium)

CVE-2024-24783 (medium)

CVE-2023-4641 (medium)

CVE-2024-24785 (medium)

CVE-2024-34155 (medium)

CVE-2023-29409 (medium)

CVE-2024-51741 (medium)

CVE-2023-39319 (medium)

CVE-2024-22365 (medium)

CVE-2023-45289 (medium)

CVE-2023-29406 (medium)

CVE-2024-2236 (medium)

CVE-2024-45336 (medium)

CVE-2025-1390 (medium)

​​CVE-2023-29383 (low)


CVE-2023-4016 (low)


CVE-2016-2781 (low)

History

2025-06-18: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories
https://tanzu.vmware.com/security