Product Release Advisory - VMware Tanzu RabbitMQ on Kubernetes 4.2.4.1, 4.1.9.1, 4.0.18.1, 3.13.13.1
Security Advisory
|
Advisory ID |
TNZ-2026-0162 |
|
Severity |
Critical |
|
Issue Date |
2026-02-27 |
|
Updated on |
|
|
Synopsis |
The Tanzu RabbitMQ Carvel packages have been updated to versions 4.2.4.1, 4.1.9.1, 4.0.18.1, and 3.13.13.1. These updates include cert-manager v1.19.4 and address the below security vulnerabilities. These releases ensure improved security compliance and align with the latest vulnerability remediation requirements. |
Product Version Release Advisory
- Tanzu RabbitMQ on Kubernetes v4.2.4.1 (Carvel Package Hotfix)
- Tanzu RabbitMQ on Kubernetes v4.1.9.1 (Carvel Package Hotfix)
- Tanzu RabbitMQ on Kubernetes v4.0.18.1 (Carvel Package Hotfix)
- Tanzu RabbitMQ on Kubernetes v3.13.13.1 (Carvel Package Hotfix)
Security Fixes
This release has the following security fixes, listed by component and area.
Impacted versions: Tanzu RabbitMQ Carvel package versions older than 4.2.4.1, 4.1.9.1, 4.0.18.1, and 3.13.13.1 are impacted by this vulnerability.
No other Tanzu RabbitMQ packages or artifacts are affected.
|
Component |
Vulnerabilities Resolved |
|
Cert Manager |
CVE-2025-68121 (critical) CVE-2025-61732 (high) |
History
2025-02-27: Initial vulnerability report published.
Contact
E-mail: [email protected]
VMware Tanzu Security Advisories
https://tanzu.vmware.com/security