TKGm CVE-2025-15467 OpenSSL Security Scan Vulnerability

Article ID: 433728

Updated On:

Products

VMware Tanzu Kubernetes Grid

Issue/Introduction

  • A security scan identifies CVE-2025-15467 related to OpenSSL in VMware Tanzu Kubernetes Grid Multicloud (TKGm).
  • The OpenSSL version detected in the environment is 3.0.13. OpenSSL versions 3.6, 3.5, 3.4, 3.3, and 3.0 are reported as vulnerable to this issue.

Environment

  • VMware Tanzu Kubernetes Grid Multicloud (TKGm) 2.5.1.

Cause

  • TKGm 2.5.1 utilizes OpenSSL 3.0.x within the base image OVAs (Photon OS 5.0 or Ubuntu 22.04), which is flagged by security scanners for CVE-2025-15467.

Resolution

  • VMware by Broadcom is aware of CVE-2025-15467.
  • Please refer to the release notes for existing and forthcoming product releases for any updates in relation to this CVE.
  • Should you require further information, please contact Broadcom Support.