Product Release Advisory - VMware Tanzu Greenplum Streaming Server For Kubernetes 1.3.0

Product/Component

VMware Tanzu Data Intelligence

2 more products

Notification Id

37447

Last Updated

06 May 2026

Initial Publication Date

06 May 2026

Status

CLOSED

Severity

CRITICAL

CVSS Base Score

9.8

WorkAround

Affected CVE

Product Release Advisory

Advisory ID:	TNZ-2026-0264
Severity:	Critical
Issue Date:	2026-05-06
Updated on:
Synopsys	Bumped multiple dependencies updates which resulted in 2 Critical and 12 High and several Medium CVEs remediated in this release.

Product Version Release Advisory

VMware Tanzu Greenplum Streaming Server For Kubernetes 1.3.0
https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-greenplum-streaming-server-k8s/1-3/gpss-k8s/cve.html

Security Fixes

Component

Vulnerabilities Resolved

Tanzu Greenplum Streaming Server For Kubernetes 1.3.0

CVE-2026-27143 (Critical)

GHSA-p77j-4mvh-x3m3 (Critical)

CVE-2026-27140 (High)

GHSA-pc3f-x583-g7j2 (High)

CVE-2026-0861 (High)

CVE-2026-4111 (High)

CVE-2026-32281 (High)

CVE-2026-32283 (High)

CVE-2026-25679 (High)

CVE-2026-32280 (High)

CVE-2026-1299 (High)

CVE-2026-27144 (High)

CVE-2025-15366 (High)

CVE-2025-15367 (High)

CVE-2026-32282 (Medium)

CVE-2026-27142 (Medium)

CVE-2026-32289 (Medium)

CVE-2025-15281 (Medium)

CVE-2026-32288 (Medium)

CVE-2025-14831 (Medium)

CVE-2026-0915 (Medium)

CVE-2026-0865 (Medium)

CVE-2025-9820 (Medium)

History

2026-05-06: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories
https://tanzu.vmware.com/security