With a known CVE, below are steps to identify:
TKGI
TAP
Bosh
Opsmanager
Procedure:
Example:
Ubuntu Security Notice: https://ubuntu.com/security/notices/USN-7206-3
CVE-2024-12084: https://ubuntu.com/security/CVE-2024-12084
Example: Jammy 1.x Stemcell Release Notes
Example: From above, CVE-2024-12084 showed fixed starting with Stemcell 1.719
Refer to KB: Retrieve Product Version Compatibilities from the Tanzu API
For product tile:
Tile Name: Tanzu Kubernetes Grid Integrated Edition
Tile Version: 1.20.0-build.52
API outputs:
Example product slug name and product name from above KB show that:
Product Name: "Tanzu Kubernetes Grid Integrated Edition (TKGi) - CLI & Tile"
Slug Name: "pivotal-container-service"
Human-readable version and database ID for TKGI 1.20:
Release version: 1.20.0
Release ID: 523043
"id": 523043,
"version": "1.20.0",
Dependencies output shows Stemcell 1.719 is compatible. Also, newer compatible stemcells (1.737, etc)
"version": "1.775",
"slug": "stemcells-ubuntu-jammy",
"name": "Stemcells (Ubuntu Jammy)"
"version": "1.737",
"slug": "stemcells-ubuntu-jammy",
"name": "Stemcells (Ubuntu Jammy)"
"version": "1.719",
"slug": "stemcells-ubuntu-jammy",
"name": "Stemcells (Ubuntu Jammy)"