Product Release Advisory - VMware Tanzu for Postgres 17.5.0, 16.9.0, 15.13.0, 14.18.0, 13.21.0

VMware Tanzu Data Services

5 more products

35867

25 June 2025

25 June 2025

CLOSED

HIGH

See CVE list in advisory

Product Release Advisory

Advisory ID:

TNZ-2025-0040

Severity:

Critical 

Issue Date:

June 25, 2025

Updated on:

June 25, 2025

Synopsys

Updated multiple dependencies which resulted in 4 CVEs remediated in these releases.

Product Version Release Advisory

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

VMware Tanzu for Postgres versions 17.5.0, 16.9.0, 15.13.0, 14.18.0, 13.21.0

CVE-2024-45337 (critical) 

CVE-2025-30204 (high) 

CVE-2025-4207 (medium) 

CVE-2024-51744 (low)

History

2025-06-25: Initial vulnerability report published.

Contact

E-mail: tanzu.psirt@broadcom.com

VMware Tanzu Security Advisories: https://tanzu.vmware.com/security