Ref# ADV2025_454 | Date: Dec 30th 2025

---

VMWare published a security advisory highlighting vulnerabilities in the following products between December 22^nd and 28^th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated.

• AI Services for VMware Tanzu Platform – versions prior to 10.3.2
• Application Services for VMware Tanzu Platform – versions prior to 3.3.13
• Elastic Application Runtime Windows add-on for VMware Tanzu Platform – versions prior to 10.2.6+LTS-T, 10.3.2 and 6.0.23+LTS-T
• Healthwatch – versions prior to 2.3.4
• Isolation Segmentation for VMware Tanzu Platform – versions prior to 10.2.6+LTS-T, 10.3.2 and 6.0.23+LTS-T
• Java Buildpack – versions prior to 4.86.0
• Stemcells (Windows) – versions prior to 2019.93.x
• Tanzu Hub – versions prior to 10.3.2
• VMware Tanzu for Postgres on Tanzu Platform – versions prior to 10.2.2
• VMware Tanzu GemFire on Tanzu Platform – versions prior to 2.2.1
• VMware Tanzu Greenplum – versions prior to 7.7.0
• VMware Tanzu Greenplum SQL Editor – versions prior to 1.2.1
• VMware Tanzu RabbitMQ on Tanzu Platform – versions prior to 10.1.1

For more information on these updates, you can follow this URL:

• Security Advisories – Tanzu

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary.

References

• Security Advisories – Tanzu. (December 02, 2025). Retrieved from Broadcom.
  https://support.broadcom.com/web/ecx/security-advisory?segment=VT

 

• VMWare security advisory. (December 29, 2025). Retrieved from Canadian Centre for Cyber Security.
  https://www.cyber.gc.ca/en/alerts-advisories/vmware-security-advisory-av25-864