VMware has released a security update to address a critical vulnerability (CVE-2021-39144) in their Cloud Foundation products. It has a Common Vulnerability Scoring System (CVSS) score of 9.8 out of 10.
Successful exploitation of the vulnerability could allow an unauthenticated attacker to perform remote code execution as root.
Administrators and users of affected are advised to upgrade XStream to version 1.4.19 immediately.
More information is available here: