VMware on Tuesday, November 23rd informed customers about the availability of patches for arbitrary file read and server-side request forgery (SSRF) vulnerabilities affecting its vCenter Server product.
See the full article here:
https://www.securityweek.com/vmware-patches-file-read-ssrf-vulnerabilities-vcenter-server