CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance.

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability.Amalicious actor with network access to VMware Cloud DirectorAvailability can craft malicious HTML tags to execute within replicationtasks.