Product Release Advisory - VMware Tanzu Greenplum 6.31.0

VMware Tanzu Data Intelligence

2 more products

36281

29 October 2025

29 October 2025

CLOSED

CRITICAL

9.8

Security Advisory

Advisory ID:

TNZ-2025-0131

Severity:

Critical 

Issue Date:

2025-10-29

Updated on:

2025-10-29

Synopsis

VMware Tanzu Greenplum 6.31.0 addresses the following security vulnerabilities.

 

Product Version Release Advisory

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

vmware-greenplum

CVE-2025-49796 (critical) 

CVE-2025-49794 (critical) 

CVE-2025-32911 (critical) 

CVE-2025-43272 (medium)

CVE-2025-43212 (medium)

CVE-2024-44192 (medium)

CVE-2025-43368 (medium)

CVE-2022-39176 (high)

CVE-2025-31278 (high)

CVE-2020-26559 (high)

CVE-2025-43342 (critical)

CVE-2025-9900 (high)

CVE-2025-6558 (high)

CVE-2025-30427 (medium)

CVE-2025-43343 (critical)

CVE-2025-43216 (medium)

CVE-2025-24216 (medium)

CVE-2025-24150 (high) 

CVE-2025-31273 (high)

CVE-2025-31257 (medium)

CVE-2025-24209 (high) 

CVE-2025-50059 (high) 

CVE-2025-52194 (high) 

CVE-2025-50106 (high) 

CVE-2025-30749 (high) 

CVE-2020-26560 (high) 

CVE-2021-31535 (critical)

CVE-2025-58060 (high)

CVE-2025-6020 (high)

CVE-2024-46952 (high)

CVE-2022-44840 (high)

CVE-2025-8176 (medium) 

CVE-2024-46951 (high)

CVE-2024-55549 (high)

CVE-2025-7425 (high)

CVE-2024-46953 (high)

CVE-2024-53920 (high)

CVE-2024-46956 (high)

CVE-2024-4453 (high)

CVE-2025-8941 (high)

CVE-2019-25059 (high)

CVE-2024-46954 (high)

CVE-2025-6965 (high)

CVE-2025-4948 (high)

GHSA-6v2p-p543-phr9 (high)

CVE-2023-24607 (high)

CVE-2025-6021 (high)

CVE-2025-32906 (high)

CVE-2024-0444 (high)

CVE-2020-26557 (high)

CVE-2023-46751 (high)

CVE-2025-32415 (high)

CVE-2025-7345 (high)

CVE-2025-32913 (high)

CVE-2021-3826 (medium) 

CVE-2020-26556 (high)

CVE-2025-11021 (high)

CVE-2023-52355 (high)

CVE-2017-17973 (high)

CVE-2024-8176 (high)

CVE-2023-52356 (high)

CVE-2025-22874 (high)

CVE-2025-32049 (high)

CVE-2021-38593 (high)

CVE-2022-4055 (high)

CVE-2025-32914 (high)

CVE-2025-21587 (high)

CVE-2025-5914 (high)

CVE-2025-47273 (high)

CVE-2023-48161 (high)

CVE-2005-2541 (high)

CVE-2023-4504 (high)

CVE-2025-5222 (high)

CVE-2025-4802 (high)

CVE-2024-52533 (critical) 

CVE-2023-1579 (high)

CVE-2025-2784 (high)

CVE-2023-2222 (n/a)

CVE-2022-30294 (n/a)

CVE-2023-2004 (n/a)

CVE-2025-2720 (n/a)

CVE-2025-2724 (n/a)

CVE-2021-32256 (medium) 

CVE-2025-2723 (n/a)

PL/Container Python3 Image

CVE-2025-4517 (critical) 

CVE-2024-12718 (medium)

CVE-2025-9288 (critical) 

CVE-2023-37920 (high) 

GHSA-q2x7-8rv6-6q7h (medium) 

GHSA-4vmg-rw8f-92f9 (critical) 

GHSA-f73w-4m7g-ch9x (critical)

CVE-2025-8941 (high) 

CVE-2025-6965 (high)

CVE-2022-44840 (high)

CVE-2021-45078 (high)

CVE-2025-6020 (high)

CVE-2025-7425 (high)

GHSA-hrfv-mqp8-q5rw (medium) 

GHSA-x4wf-678h-2pmq (critical) 

PL/Container R Image

CVE-2022-39176 (high)

CVE-2022-39177 (high)

CVE-2020-26559 (high)

CVE-2025-49796 (critical) 

CVE-2025-32911 (critical)

CVE-2025-7425 (high)

CVE-2025-9288 (critical)

CVE-2025-4517 (critical)

CVE-2024-12718 (medium) 

CVE-2021-3826 (medium) 

CVE-2023-24607 (high) 

CVE-2021-38593 (high)

CVE-2023-52356 (high)

CVE-2023-52355 (high)

CVE-2023-46751 (high)

CVE-2024-0444 (high)

CVE-2025-50059 (high)

Tanzu Greenplum Extensions

GHSA-x4wf-678h-2pmq (critical)

GHSA-hrfv-mqp8-q5rw (high)

Tanzu Greenplum Disaster Recovery

CVE-2025-4674 (high)

CVE-2025-22874 (high) 

CVE-2025-47907 (high)

CVE-2025-4673 (medium)

CVE-2025-47906 (medium)

CVE-2025-0913 (medium)

Tanzu Greenplum Platform Extension Framework

CVE‑2024‑24786 (high) 

CVE‑2025‑4674 (high) 

 

History

2025-10-29: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories
https://tanzu.vmware.com/security