Product Release Advisory - VMware Tanzu Greenplum 6.30.0

Product/Component

VMware Tanzu Data Suite

2 more products

Notification Id

35931

Last Updated

10 July 2025

Initial Publication Date

10 July 2025

Status

CLOSED

Severity

CRITICAL

CVSS Base Score

9.8

WorkAround

Affected CVE

See CVE list in advisory

Security Advisory

Advisory ID:	TNZ-2025-0043
Severity:	Critical
Issue Date:	2025-07-10
Updated on:	2025-07-10
Synopsis	VMware Tanzu Greenplum 6.30.0 addresses the following security vulnerabilities.

Product Version Release Advisory

VMware Tanzu Greenplum 6.30.0 includes the following component updates:

Tanzu Greenplum Disaster Recovery 1.3.3

https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-greenplum-disaster-recovery/1-3/gp-disaster-recovery/release-notes.html

Tanzu Greenplum Platform Extension Framework 7.0.0

https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-greenplum-platform-extension-framework/7-0-0/gp-pxf/release-notes.html

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

Tanzu Greenplum Disaster Recovery

CVE-2025-22871 (medium)

GHSA-hcg3-q754-cr77 (high)

Tanzu Greenplum Platform Extension Framework

CVE-2022-42889 (critical)

CVE-2025-22871 (medium)

CVE-2024-38816 (high)

CVE-2024-38819 (high)

CVE-2024-38820 (medium)

CVE-2024-38828 (medium)

CVE-2025-22233 (low)

CVE-2025-31650 (high)

CVE-2025-31651 (low)

CVE-2025-46701 (medium)

History

2025-07-10: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories: https://tanzu.vmware.com/security