Support Content Notification - Support Portal

Product Release Advisory - Concourse for VMware Tanzu 7.14.1+LTS-T

Product/Component

Tanzu Kubernetes Runtime

7 more products

Notification Id

36408

Last Updated

06 November 2025

Initial Publication Date

06 November 2025

Status

CLOSED

Severity

CRITICAL

CVSS Base Score

9.8

WorkAround

N/A

Affected CVE

See CVE list in advisory

Product Release Advisory - Concourse for VMware Tanzu 7.14.1+LTS-T

Advisory ID	TNZ-2025-0103
Tanzu Issue Date	2025-10-23
Updated on

	Highest Score CVE from list below advisory details
Severity	Critical
CVSS V4 Vector	Unavailable
CVSS V4 Score	Unavailable (Sev: Unavailable)
CVSS V3.1 Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS V3.1 Score	9.8 (Sev: CRITICAL)
CVSS V2 Vector	Unavailable
CVSS V2 Score	Unavailable (Sev: Unavailable)

Note: if cvss scores are "Unavailable" is is most likely due to the vulnerability being GHSA or BDSA without a matching CVE for nvd lookup.

Product Version Release Advisory

Product Release Concourse for VMware Tanzu 7.14.1+LTS-T
Product Release Notes: https://techdocs.broadcom.com/us/en/vmware-tanzu/platform/concourse-for-tanzu/7-0/tanzu-concourse/index.html

Security Fixes: This release has the following security fixes, listed by component.

Component	Vulnerabilities Resolved
concourse-release	CVE-2024-24790 (Critical) CVE-2023-29405 (Critical) CVE-2023-29404 (Critical) CVE-2023-29402 (Critical) CVE-2023-24540 (Critical) CVE-2023-24538 (Critical) CVE-2023-24531 (Critical) CVE-2022-32221 (Critical) CVE-2022-32207 (Critical) CVE-2022-2068 (Critical) CVE-2022-1292 (Critical) CVE-2015-8863 (Critical) CVE-2025-4517 (Critical) CVE-2024-45337 - GHSA-v778-237x-gjrc (Critical) CVE-2025-22871 (Critical) CVE-2024-5535 (Critical) CVE-2023-23914 (Critical) CVE-2023-27534 (High) CVE-2023-27533 (High) CVE-2022-1271 (High) CVE-2024-8088 (High) CVE-2024-2398 (High) CVE-2024-53427 (High) CVE-2023-39323 (High) CVE-2022-42915 (High) CVE-2022-22576 (High) CVE-2024-9287 (High) CVE-2023-6597 (High) CVE-2023-4807 (High) CVE-2023-29403 (High) CVE-2022-30580 (High) CVE-2025-22869 - GHSA-hcg3-q754-cr77 (High) CVE-2025-22868 - GHSA-6v2p-p543-phr9 (High) CVE-2019-3792 - GHSA-4fqx-74rv-638w (High) CVE-2023-50782 - GHSA-3ww4-gg4f-jr7f (High) CVE-2025-8194 (High) CVE-2025-48060 (High) CVE-2025-4435 (High) CVE-2025-4330 (High) CVE-2025-4138 (High) CVE-2024-7592 (High) CVE-2024-6232 (High) CVE-2024-6119 (High) CVE-2024-4741 (High) CVE-2024-4032 (High) CVE-2024-34158 (High) CVE-2024-34156 (High) CVE-2024-24791 (High) CVE-2024-24784 (High) CVE-2023-5363 (High) CVE-2023-45288 (High) CVE-2023-45287 (High) CVE-2023-45285 (High) CVE-2023-45283 (High) CVE-2023-44487 (High) CVE-2023-36632 (High) CVE-2023-28319 (High) CVE-2023-24537 (High) CVE-2023-24536 (High) CVE-2023-24534 (High) CVE-2023-0464 (High) CVE-2023-0401 (High) CVE-2023-0217 (High) CVE-2023-0216 (High) CVE-2023-0215 (High) CVE-2022-4450 (High) CVE-2022-43551 (High) CVE-2022-42916 (High) CVE-2022-41725 (High) CVE-2022-41724 (High) CVE-2022-41723 (High) CVE-2022-41722 (High) CVE-2022-41720 (High) CVE-2022-41716 (High) CVE-2022-41715 (High) CVE-2022-3996 (High) CVE-2022-3786 (High) CVE-2022-3602 (High) CVE-2022-3358 (High) CVE-2022-32189 (High) CVE-2022-30635 (High) CVE-2022-30634 (High) CVE-2022-30633 (High) CVE-2022-30632 (High) CVE-2022-30631 (High) CVE-2022-30630 (High) CVE-2022-29804 (High) CVE-2022-2880 (High) CVE-2022-2879 (High) CVE-2022-28131 (High) CVE-2022-27782 (High) CVE-2022-27781 (High) CVE-2022-27780 (High) CVE-2022-27775 (High) CVE-2022-27664 (High) CVE-2022-1473 (High) CVE-2016-4074 (High) CVE-2023-0286 - GHSA-x4qr-2fvf-3mr5 (High) CVE-2022-29217 - GHSA-ffqj-6fqr-9h24 (High) CVE-2024-0397 (High) CVE-2023-0286 (High) CVE-2025-0725 (High) CVE-2023-29400 (High) CVE-2023-24539 (High) CVE-2024-4030 (High) CVE-2023-23931 - GHSA-w7pp-m8wf-vj6r (Medium) CVE-2025-4947 (Medium) CVE-2024-9681 (Medium) CVE-2024-8096 (Medium) CVE-2024-7264 (Medium) CVE-2024-23337 (Medium) CVE-2023-6129 (Medium) CVE-2023-46218 (Medium) CVE-2023-45290 (Medium) CVE-2023-29406 (Medium) CVE-2023-2650 (Medium) CVE-2023-23916 (Medium) CVE-2023-23915 (Medium) CVE-2022-32206 (Medium) CVE-2022-32148 (Medium) CVE-2022-27776 (Medium) CVE-2022-1705 (Medium) CVE-2024-24787 (Medium) CVE-2025-0938 (Medium) CVE-2024-47611 (Medium) CVE-2024-5569 - GHSA-jfmj-5v4g-7637 (Medium) CVE-2024-0450 (Medium) CVE-2024-45341 (Medium) CVE-2024-45336 (Medium) CVE-2023-39319 (Medium) CVE-2023-39318 (Medium) CVE-2025-47291 - GHSA-cxfp-7pvr-95ff (Medium) CVE-2025-27144 - GHSA-c6gw-w398-hv78 (Medium) CVE-2023-49083 - GHSA-jfhm-5ghh-2f97 (Medium) CVE-2023-48795 - GHSA-45x7-px36-x8w8 (Medium) CVE-2025-4516 (Medium) CVE-2024-50602 (Medium) CVE-2024-2511 (Medium) CVE-2024-24783 (Medium) CVE-2023-6237 (Medium) CVE-2023-28321 (Medium) CVE-2023-28320 (Medium) CVE-2023-1255 (Medium) CVE-2022-43552 (Medium) CVE-2022-4304 (Medium) CVE-2022-32208 (Medium) CVE-2022-1434 (Medium) CVE-2022-36087 - GHSA-3pgj-pg6c-r5p7 (Medium) CVE-2022-27774 (Medium) CVE-2024-0727 - GHSA-9v9h-cgj8-h64p (Medium) CVE-2025-9403 (Medium) CVE-2024-6923 (Medium) CVE-2024-24789 (Medium) CVE-2024-0727 (Medium) CVE-2022-1962 (Medium) CVE-2022-0563 (Medium) CVE-2021-3996 (Medium) CVE-2021-3995 (Medium) CVE-2020-22916 (Medium) CVE-2018-15798 - GHSA-9689-rx4v-cqgc (Medium) CVE-2022-31683 - GHSA-5jp2-vwrj-99rf (Medium) CVE-2024-24785 (Medium) No known CVE - GHSA-fv92-fjc5-jj9h (Medium) CVE-2024-4603 (Medium) CVE-2024-12718 (Medium) CVE-2023-5678 (Medium) CVE-2023-45284 (Medium) CVE-2023-40217 (Medium) CVE-2023-39326 (Medium) CVE-2023-3817 (Medium) CVE-2023-3446 (Medium) CVE-2023-2975 (Medium) CVE-2023-29409 (Medium) CVE-2023-27043 (Medium) CVE-2023-24532 (Medium) CVE-2023-0466 (Medium) CVE-2023-0465 (Medium) CVE-2022-41717 (Medium) CVE-2022-29526 (Medium) CVE-2022-2097 (Medium) CVE-2022-1343 (Medium) CVE-2024-3219 (Medium) CVE-2022-4203 (Medium) CVE-2025-5025 (Medium) CVE-2025-6069 (Medium) CVE-2024-9143 (Medium) CVE-2024-34155 (Medium) CVE-2023-45289 (Medium) CVE-2022-32205 (Medium) CVE-2024-13176 (Medium) CVE-2025-22866 (Medium) CVE-2024-11168 (Low) CVE-2023-28322 (Low) CVE-2022-35252 (Low) CVE-2025-0167 (Low) CVE-2024-11053 (Low) CVE-2024-28085 (Low) CVE-2022-30629 (Low) No known CVE - GHSA-v8gr-m533-ghj9 (Low) No known CVE - GHSA-jm77-qphf-c4w8 (Low) No known CVE - GHSA-5cpq-8wj7-hf2v (Low) CVE-2025-1795 (Low)

Component

Vulnerabilities Resolved

concourse-release

CVE-2024-24790 (Critical)
CVE-2023-29405 (Critical)
CVE-2023-29404 (Critical)
CVE-2023-29402 (Critical)
CVE-2023-24540 (Critical)
CVE-2023-24538 (Critical)
CVE-2023-24531 (Critical)
CVE-2022-32221 (Critical)
CVE-2022-32207 (Critical)
CVE-2022-2068 (Critical)
CVE-2022-1292 (Critical)
CVE-2015-8863 (Critical)
CVE-2025-4517 (Critical)
CVE-2024-45337 - GHSA-v778-237x-gjrc (Critical)
CVE-2025-22871 (Critical)
CVE-2024-5535 (Critical)
CVE-2023-23914 (Critical)
CVE-2023-27534 (High)
CVE-2023-27533 (High)
CVE-2022-1271 (High)
CVE-2024-8088 (High)
CVE-2024-2398 (High)
CVE-2024-53427 (High)
CVE-2023-39323 (High)
CVE-2022-42915 (High)
CVE-2022-22576 (High)
CVE-2024-9287 (High)
CVE-2023-6597 (High)
CVE-2023-4807 (High)
CVE-2023-29403 (High)
CVE-2022-30580 (High)
CVE-2025-22869 - GHSA-hcg3-q754-cr77 (High)
CVE-2025-22868 - GHSA-6v2p-p543-phr9 (High)
CVE-2019-3792 - GHSA-4fqx-74rv-638w (High)
CVE-2023-50782 - GHSA-3ww4-gg4f-jr7f (High)
CVE-2025-8194 (High)
CVE-2025-48060 (High)
CVE-2025-4435 (High)
CVE-2025-4330 (High)
CVE-2025-4138 (High)
CVE-2024-7592 (High)
CVE-2024-6232 (High)
CVE-2024-6119 (High)
CVE-2024-4741 (High)
CVE-2024-4032 (High)
CVE-2024-34158 (High)
CVE-2024-34156 (High)
CVE-2024-24791 (High)
CVE-2024-24784 (High)
CVE-2023-5363 (High)
CVE-2023-45288 (High)
CVE-2023-45287 (High)
CVE-2023-45285 (High)
CVE-2023-45283 (High)
CVE-2023-44487 (High)
CVE-2023-36632 (High)
CVE-2023-28319 (High)
CVE-2023-24537 (High)
CVE-2023-24536 (High)
CVE-2023-24534 (High)
CVE-2023-0464 (High)
CVE-2023-0401 (High)
CVE-2023-0217 (High)
CVE-2023-0216 (High)
CVE-2023-0215 (High)
CVE-2022-4450 (High)
CVE-2022-43551 (High)
CVE-2022-42916 (High)
CVE-2022-41725 (High)
CVE-2022-41724 (High)
CVE-2022-41723 (High)
CVE-2022-41722 (High)
CVE-2022-41720 (High)
CVE-2022-41716 (High)
CVE-2022-41715 (High)
CVE-2022-3996 (High)
CVE-2022-3786 (High)
CVE-2022-3602 (High)
CVE-2022-3358 (High)
CVE-2022-32189 (High)
CVE-2022-30635 (High)
CVE-2022-30634 (High)
CVE-2022-30633 (High)
CVE-2022-30632 (High)
CVE-2022-30631 (High)
CVE-2022-30630 (High)
CVE-2022-29804 (High)
CVE-2022-2880 (High)
CVE-2022-2879 (High)
CVE-2022-28131 (High)
CVE-2022-27782 (High)
CVE-2022-27781 (High)
CVE-2022-27780 (High)
CVE-2022-27775 (High)
CVE-2022-27664 (High)
CVE-2022-1473 (High)
CVE-2016-4074 (High)
CVE-2023-0286 - GHSA-x4qr-2fvf-3mr5 (High)
CVE-2022-29217 - GHSA-ffqj-6fqr-9h24 (High)
CVE-2024-0397 (High)
CVE-2023-0286 (High)
CVE-2025-0725 (High)
CVE-2023-29400 (High)
CVE-2023-24539 (High)
CVE-2024-4030 (High)
CVE-2023-23931 - GHSA-w7pp-m8wf-vj6r (Medium)
CVE-2025-4947 (Medium)
CVE-2024-9681 (Medium)
CVE-2024-8096 (Medium)
CVE-2024-7264 (Medium)
CVE-2024-23337 (Medium)
CVE-2023-6129 (Medium)
CVE-2023-46218 (Medium)
CVE-2023-45290 (Medium)
CVE-2023-29406 (Medium)
CVE-2023-2650 (Medium)
CVE-2023-23916 (Medium)
CVE-2023-23915 (Medium)
CVE-2022-32206 (Medium)
CVE-2022-32148 (Medium)
CVE-2022-27776 (Medium)
CVE-2022-1705 (Medium)
CVE-2024-24787 (Medium)
CVE-2025-0938 (Medium)
CVE-2024-47611 (Medium)
CVE-2024-5569 - GHSA-jfmj-5v4g-7637 (Medium)
CVE-2024-0450 (Medium)
CVE-2024-45341 (Medium)
CVE-2024-45336 (Medium)
CVE-2023-39319 (Medium)
CVE-2023-39318 (Medium)
CVE-2025-47291 - GHSA-cxfp-7pvr-95ff (Medium)
CVE-2025-27144 - GHSA-c6gw-w398-hv78 (Medium)
CVE-2023-49083 - GHSA-jfhm-5ghh-2f97 (Medium)
CVE-2023-48795 - GHSA-45x7-px36-x8w8 (Medium)
CVE-2025-4516 (Medium)
CVE-2024-50602 (Medium)
CVE-2024-2511 (Medium)
CVE-2024-24783 (Medium)
CVE-2023-6237 (Medium)
CVE-2023-28321 (Medium)
CVE-2023-28320 (Medium)
CVE-2023-1255 (Medium)
CVE-2022-43552 (Medium)
CVE-2022-4304 (Medium)
CVE-2022-32208 (Medium)
CVE-2022-1434 (Medium)
CVE-2022-36087 - GHSA-3pgj-pg6c-r5p7 (Medium)
CVE-2022-27774 (Medium)
CVE-2024-0727 - GHSA-9v9h-cgj8-h64p (Medium)
CVE-2025-9403 (Medium)
CVE-2024-6923 (Medium)
CVE-2024-24789 (Medium)
CVE-2024-0727 (Medium)
CVE-2022-1962 (Medium)
CVE-2022-0563 (Medium)
CVE-2021-3996 (Medium)
CVE-2021-3995 (Medium)
CVE-2020-22916 (Medium)
CVE-2018-15798 - GHSA-9689-rx4v-cqgc (Medium)
CVE-2022-31683 - GHSA-5jp2-vwrj-99rf (Medium)
CVE-2024-24785 (Medium)
No known CVE - GHSA-fv92-fjc5-jj9h (Medium)
CVE-2024-4603 (Medium)
CVE-2024-12718 (Medium)
CVE-2023-5678 (Medium)
CVE-2023-45284 (Medium)
CVE-2023-40217 (Medium)
CVE-2023-39326 (Medium)
CVE-2023-3817 (Medium)
CVE-2023-3446 (Medium)
CVE-2023-2975 (Medium)
CVE-2023-29409 (Medium)
CVE-2023-27043 (Medium)
CVE-2023-24532 (Medium)
CVE-2023-0466 (Medium)
CVE-2023-0465 (Medium)
CVE-2022-41717 (Medium)
CVE-2022-29526 (Medium)
CVE-2022-2097 (Medium)
CVE-2022-1343 (Medium)
CVE-2024-3219 (Medium)
CVE-2022-4203 (Medium)
CVE-2025-5025 (Medium)
CVE-2025-6069 (Medium)
CVE-2024-9143 (Medium)
CVE-2024-34155 (Medium)
CVE-2023-45289 (Medium)
CVE-2022-32205 (Medium)
CVE-2024-13176 (Medium)
CVE-2025-22866 (Medium)
CVE-2024-11168 (Low)
CVE-2023-28322 (Low)
CVE-2022-35252 (Low)
CVE-2025-0167 (Low)
CVE-2024-11053 (Low)
CVE-2024-28085 (Low)
CVE-2022-30629 (Low)
No known CVE - GHSA-v8gr-m533-ghj9 (Low)
No known CVE - GHSA-jm77-qphf-c4w8 (Low)
No known CVE - GHSA-5cpq-8wj7-hf2v (Low)
CVE-2025-1795 (Low)