Product Release Advisory - Go Buildpack 1.10.57 - go-buildpack-offline-cflinuxfs4

Tanzu Kubernetes Runtime

7 more products

36327

05 November 2025

05 November 2025

CLOSED

HIGH

7.9

N/A

See CVE list in advisory

Product Release Advisory - Go Buildpack 1.10.57

 

Advisory ID

 TNZ-2025-0157

Tanzu Issue Date

2025-10-29

Updated on

  

 

 

Highest Score CVE from list below advisory details

Severity

High

CVSS V4 Vector

Unavailable

CVSS V4 Score

Unavailable (Sev: Unavailable)

CVSS V3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CVSS V3.1 Score

5.4 (Sev: MEDIUM)

CVSS V2 Vector

Unavailable

CVSS V2 Score

Unavailable (Sev: Unavailable)

 

  • Note: if cvss scores are "Unavailable" is is most likely due to the vulnerability being GHSA or BDSA without a matching CVE for nvd lookup.

 

Product Version Release Advisory

 

 

Security Fixes This release has the following security fixes, listed by component.

 

Component

Vulnerabilities Resolved

go-buildpack-offline-cflinuxfs4
  • CVE-2025-47910 - BDSA-2025-9976 (High)
  • CVE-2025-47906 - BDSA-2025-7768 (High)
  • CVE-2024-8244 - BDSA-2024-10794 (Medium)
  • No known CVE - BDSA-2025-13443 (Medium)
  • No known CVE - BDSA-2025-13438 (Medium)
  • No known CVE - BDSA-2025-13437 (Medium)
  • No known CVE - BDSA-2025-13435 (Medium)
  • CVE-2025-47907 - BDSA-2025-8187 (Medium)
  • No known CVE - BDSA-2025-13445 (Medium)
  • No known CVE - BDSA-2025-13446 (Medium)
  • No known CVE - BDSA-2025-13440 (Medium)
  • No known CVE - BDSA-2025-13431 (Medium)
  • No known CVE - BDSA-2025-13430 (Medium)
  • No known CVE - BDSA-2025-12947 (Medium)