VMware has released a security update to address a vulnerability in Tanzu Application Service for virtual machines. A remote attacker can leverage this vulnerability (CVE-2021-22101) to cause denial of service by using REST HTTP requests and generating an enormous SQL query leading to database unavailability. Vulnerability is fixed in Tanzu Application Service versions 2.12.1, 2.11.8, 2.10.20, 2.9.28, 2.7.40.

Source: vmware.com