Product Release Advisory - Tanzu Platform for Cloud Foundry Windows 4.0.38+LTS-T
35980
24 July 2025
24 July 2025
CLOSED
HIGH
8.1
N/A
See CVE list in advisory
Product Release Advisory - Tanzu Platform for Cloud Foundry Windows 4.0.38+LTS-T
|
Advisory Details |
|
|
Severity |
High |
|
CVSSv3 Range |
8.1 |
|
CVSSv3 Vector |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H |
|
Issue Date |
2025-07-24 |
|
Updated on |
Product Version Release Advisory
- Product Release Tanzu Platform for Cloud Foundry Windows 4.0.38+LTS-T
- Product Release Notes: https://techdocs.broadcom.com/us/en/vmware-tanzu/platform/tanzu-platform-for-cloud-foundry/4-0/tas-for-vms/release-notes.html#4.0.38
Security Fixes This release has the following security fixes, listed by component and area.
|
Component |
Vulnerabilities Resolved |
|
diego |
CVE-2024-53427 (High) |
|
garden-runc |
GHSA-cm76-qm8v-3j95 (CVE-2025-47290) (High) |
|
hwc-offline-buildpack winc garden-runc diego envoy-nginx |
CVE-2025-22874 (High) |
|
diego |
GHSA-mh63-6h87-95cp (CVE-2025-30204) (High) |
|
diego |
CVE-2025-48060 (High) |
|
envoy-nginx diego garden-runc winc |
CVE-2025-4673 (Medium) |
|
diego |
CVE-2024-23337 (Medium) |
|
garden-runc envoy-nginx diego winc |
CVE-2025-0913 (Medium) |