What version of tcServer 4.x do we need to upgrade to in order to remediate the CVE-2025-24813 vulnerability?

Article ID: 391327

Updated On:

Products

VMware Tanzu Spring Runtime

Issue/Introduction

Please share with us the Tomcat upgrade plan from tcServer 4.1.40 / tcRuntime 9.0.98.A.RELEASE to resolve CVE-2025-24813.

Environment

RHEL

Cause

We have received the CVE-2025-24813 vulnerability. Can you please suggest how we can remediate the vulnerability?

Also, please share with us the Tomcat upgrade plan from 9.0.98 A to X.

Resolution

We recommend upgrading to the latest tcServer 4.1.43, which includes tcRuntime 9.0.102.A.RELEASE, equivalent to Apache Tomcat 9.0.102.

For upgrade steps, follow the "Upgrade and Migration Guide" documentation: https://techdocs.broadcom.com/us/en/vmware-tanzu/spring/tanzu-tc-server/4/tc-server/topics-upgrade-getting-started.html

Also see what's new in the release notes for tcServer 4.1.43:

https://techdocs.broadcom.com/us/en/vmware-tanzu/spring/tanzu-tc-server/4/tc-server/topics-release-notes-tc-server.html#topic_4142
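
To confirm which instances still need the upgrade recommended above, the following added example (not Broadcom or tc Server code) compares tcRuntime version strings against 9.0.102.A.RELEASE. The version format is assumed from the two strings quoted in this article, the function names are hypothetical, and the sample inventory is constructed.

```shell
#!/bin/sh
# Added example, not vendor code. Version format assumed from the two
# strings quoted in this article: <major>.<minor>.<patch>.<letter>.RELEASE
RECOMMENDED="9.0.102.A.RELEASE"

# Echo "major minor patch" for a version string, or return 1 if it does not parse.
split_version() {
    v=${1%.RELEASE}                               # drop ".RELEASE" if present
    case "$v" in *.[A-Z]) v=${v%.[A-Z]} ;; esac   # drop the ".A" style letter
    case "$v" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $v
    IFS=$old_ifs
    [ $# -eq 3 ] || return 1
    echo "$1 $2 $3"
}

# Exit status: 0 = at or above the recommended runtime, 1 = below it,
# 2 = unparsable or a different release line (this article only covers 9.0.x).
check_runtime() {
    have=$(split_version "$1") || return 2
    want=$(split_version "$RECOMMENDED") || return 2
    set -- $have $want
    { [ "$1" -eq "$4" ] && [ "$2" -eq "$5" ]; } || return 2
    # Numeric comparison: a plain string comparison would rank 98 above 102.
    [ "$3" -ge "$6" ]
}

# Constructed sample inventory; replace with the runtime versions of your instances.
for ver in 9.0.98.A.RELEASE 9.0.102.A.RELEASE 10.1.34.A.RELEASE garbage; do
    rc=0
    check_runtime "$ver" || rc=$?
    case $rc in
        0) echo "$ver: OK (>= $RECOMMENDED)" ;;
        1) echo "$ver: UPGRADE to $RECOMMENDED (tcServer 4.1.43)" ;;
        *) echo "$ver: UNKNOWN, check manually" ;;
    esac
done
```

Runtimes outside the 9.0.x line are reported as UNKNOWN because this article gives a target version only for 9.0.x.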