Ce mail provient de l'extérieur, restons vigilants ===================================================================== CERT-Renater Note d'Information No. 2026/VULN025 _____________________________________________________________________ DATE : 13/01/2026 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running VMware Tanzu Data Intelligence, VMware Tanzu Data Services Pack, VMware Tanzu Data Suite, VMware Tanzu Gemfire. ===================================================================== https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36758 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36759 _____________________________________________________________________ Product Release Advisory - VMware Tanzu GemFire 10.1.6 Product/Component VMware Tanzu Data Intelligence VMware Tanzu Data Services Pack VMware Tanzu Data Suite VMware Tanzu Gemfire Notification Id 36758 Last Updated 13 January 2026 Initial Publication Date 13 January 2026 Status CLOSED Severity MEDIUM CVSS Base Score WorkAround Affected CVE Security Advisory Advisory ID: TNZ-2025-0415 Severity: Medium Issue Date: 2026-01-12 Updated on: 2026-01-12 Synopsis Bumped one dependency which resulted in at least 1 CVEs remediated in this release Product Version Release Advisory VMware Tanzu GemFire 10.1.6 https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-gemfire/10-1/gf/release_notes.html Security Fixes This release has the following security fixes, listed by component and area. Component Vulnerabilities Resolved Netty CVE-2025-67735 (medium) History 2026-01-12: Initial vulnerability report published. Contact E-mail: [email protected] VMware Tanzu Security Advisories https://tanzu.vmware.com/security _____________________________________________________________________ Product Release Advisory - VMware Tanzu GemFire 10.2.1 Product/Component VMware Tanzu Data Intelligence VMware Tanzu Data Services Pack VMware Tanzu Data Suite VMware Tanzu Gemfire Notification Id 36759 Last Updated 13 January 2026 Initial Publication Date 13 January 2026 Status CLOSED Severity MEDIUM CVSS Base Score WorkAround Affected CVE Security Advisory Advisory ID: TNZ-2025-0416 Severity: Medium Issue Date: 2026-01-12 Updated on: 2026-01-12 Synopsis Bumped two dependencies which resulted in at least 4 CVEs remediated in this release Product Version Release Advisory VMware Tanzu GemFire 10.2.1 https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-gemfire/10-2/gf/release_notes.html Security Fixes This release has the following security fixes, listed by component and area. Component Vulnerabilities Resolved Netty CVE-2025-67735 (medium) CVE-2025-59419 (medium) Spring Framework CVE-2025-41254 (medium) CVE-2025-22233 (low) History 2026-01-12: Initial vulnerability report published. Contact E-mail: tanzu.psirt@broadcom.com VMware Tanzu Security Advisories https://tanzu.vmware.com/security ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================