Product Release Advisory - VMware Tanzu for Postgres on Kubernetes 4.3.2

Product/Component

VMware Tanzu Data Intelligence

8 more products

Notification Id

37109

Last Updated

26 February 2026

Initial Publication Date

26 February 2026

Status

CLOSED

Severity

HIGH

CVSS Base Score

WorkAround

Affected CVE

Product Release Advisory

Advisory ID:	TNZ-2026-0156
Severity:	High
Issue Date:	2026-02-25
Updated on:	2026-02-25
Synopsys	We have bumped go versions and related dependencies to the latest versions which resulted in 30 CVEs fixed.

Product Version Release Advisory

VMware Tanzu for Postgres on Kubernetes 4.3.2

https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-for-postgres-on-kubernetes/4-3/tnz-postgres-k8s/index.html

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

tanzu-postgres-kubernetes

CVE-2025-9900 (high)

CVE-2026-0994 (high)

CVE-2025-68973 (high)

CVE-2025-8176 (high)

CVE-2025-6965 (high)

CVE-2025-13601 (high)

CVE-2025-12818 (high)

CVE-2026-23490 (high)

CVE-2023-52355 (high)

CVE-2023-52356 (high)

CVE-2025-12084 (high)

CVE-2025-65018 (high)

CVE-2025-66293 (high)

CVE-2025-64720 (high)

CVE-2025-68119 (high)

CVE-2025-13836 (medium)

CVE-2025-32988 (medium)

CVE-2025-32990 (medium)

CVE-2025-6395 (medium)

CVE-2025-9714 (medium)

CVE-2025-14104 (medium)

GHSA-gx3x-vq4p-mhhv (medium)

CVE-2025-9230 (medium)

CVE-2025-45582 (medium)

CVE-2025-32989 (medium)

CVE-2025-59375 (medium)

CVE-2025-9086 (medium)

CVE-2025-4598 (medium)

CVE-2024-56433 (low)

CVE-2024-5642 (low)

History

20256-02-25: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories: tanzu.vmware.com/security