
The security patches target a range of high-severity Common Vulnerabilities and Exposures (CVEs) affecting various components, including setuptools, Go (golang) libraries, OpenSSL, and libcurl, and require immediate attention from organizations running affected versions of Splunk Enterprise.
Vulnerabilities Span Multiple Third-Party Components
The security advisory reveals a substantial scope of vulnerabilities affecting numerous third-party packages integrated within Splunk Enterprise.
Among the most critical findings, the golang.org/x/crypto package in the spl2-orchestrator component received a critical severity rating for CVE-2024-45337, necessitating an immediate upgrade to version 0.36.0.
This component, notably absent from versions 9.3.x, 9.2.x, 9.1.x, and older, represents a significant security concern for newer Splunk deployments.
The golang ecosystem dominates the vulnerability landscape, with multiple components requiring updates to version 1.24.2.
The Mongodump and Mongorestore utilities both received comprehensive patches addressing ten distinct CVEs, including CVE-2025-22869, CVE-2025-27414, and CVE-2025-22868, all carrying high severity ratings.
Similarly, the compsup binary, absent from 9.1.x versions, underwent golang crypto upgrades to version 0.37.0, addressing nine separate vulnerabilities.
High-severity vulnerabilities also emerged in the setuptools Python package, upgraded to version 70.0.0 to address CVE-2024-6345, and in the libcurl library, updated to version 8.11.1 to resolve nine security issues, including CVE-2024-0853 and CVE-2025-0725.
These updates demonstrate the interconnected nature of modern software security, where vulnerabilities in foundational libraries can impact entire enterprise platforms.
Comprehensive Update Strategy
Splunk’s remediation strategy encompasses a broad range of product versions, with fixes available for Enterprise versions 9.4.3, 9.3.5, 9.2.7, 9.1.10, and higher.
The product status matrix reveals that users running Splunk Enterprise 9.4.0 through 9.4.2 must upgrade to version 9.4.3, while those on 9.3.0 through 9.3.4 require version 9.3.5.
This graduated approach ensures that organizations can maintain their current major version while receiving critical security patches.
The update strategy also addresses component-specific limitations across different Splunk versions.
For instance, the compsup binary updates only apply to versions 9.2.x and newer, while spl2-orchestrator fixes exclusively benefit version 9.4.x deployments.
This targeted approach reflects Splunk’s architectural evolution and the progressive integration of newer security-critical components.
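The version matrix above is easy to apply by hand for one host and error-prone across a fleet. The following is an added example, not code from Splunk or the advisory, that encodes the fixed releases and the version-gated components exactly as the article states them; the host inventory is constructed sample data, and the assumption that setuptools, libcurl, OpenSSL and the Mongo tools apply to every train is mine, since the article does not gate them.

```python
# Added example (not from the advisory or the article): map an installed
# Splunk Enterprise version to the fixed release named in SVD-2025-0710 and
# list the version-gated components the article calls out.
from __future__ import annotations

# Fixed releases per version train, as stated in the article.
FIXED = {(9, 4): (9, 4, 3), (9, 3): (9, 3, 5), (9, 2): (9, 2, 7), (9, 1): (9, 1, 10)}


def parse_version(text: str) -> tuple[int, int, int]:
    """Turn '9.4.1' (or '9.4.1 (build ...)') into a (major, minor, patch) tuple."""
    parts = text.strip().split()[0].split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised Splunk version: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def affected_components(train: tuple[int, int]) -> list[str]:
    """Components needing the patch for this train, per the article's gating."""
    # Assumption: these are not version-gated in the article, so list them always.
    comps = ["golang (Mongodump/Mongorestore)", "setuptools 70.0.0",
             "libcurl 8.11.1", "OpenSSL 1.0.2zl"]
    if train >= (9, 2):  # compsup updates apply to 9.2.x and newer only
        comps.append("compsup (golang.org/x/crypto 0.37.0)")
    if train == (9, 4):  # spl2-orchestrator exists only in 9.4.x
        comps.append("spl2-orchestrator (golang.org/x/crypto 0.36.0, CVE-2024-45337)")
    return comps


def required_upgrade(version: str) -> dict:
    """Return the fixed release to move to, or a 'fixed' status if already there."""
    v = parse_version(version)
    train = v[:2]
    if train not in FIXED:
        # The article names no fixed release for other trains; flag for manual review.
        return {"version": version, "status": "not in advisory matrix", "target": None}
    target = FIXED[train]
    if v >= target:
        return {"version": version, "status": "fixed", "target": None}
    return {"version": version, "status": "upgrade required",
            "target": ".".join(map(str, target)),
            "components": affected_components(train)}


def triage(inventory: dict[str, str]) -> dict[str, dict]:
    """Run required_upgrade over a host -> version inventory (constructed sample)."""
    return {host: required_upgrade(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    sample = {"idx01": "9.4.1", "sh01": "9.3.5", "fwd01": "9.1.3", "old01": "8.2.12"}
    for host, result in triage(sample).items():
        print(host, result)
```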
Medium and low-severity vulnerabilities also received attention, with the Beaker Python package upgraded to version 1.12.1 in Splunk Enterprise 9.2.7 to address CVE-2013-7489 and azure-storage-blob updated to version 12.13.0 for CVE-2022-30187 remediation.
OpenSSL updates to version 1.0.2zl addressed both CVE-2024-13176 (low severity) and CVE-2024-9143 (informational), though Splunk clarified that Enterprise and Universal Forwarder deployments remain unaffected by the latter.
The comprehensive nature of these security updates underscores the critical importance of maintaining current Splunk Enterprise versions.
Organizations must prioritize immediate upgrades to the specified fixed versions to mitigate risks associated with these vulnerabilities.
Advisory SVD-2025-0710 represents a significant security maintenance effort, addressing vulnerabilities across the entire software stack and reinforcing Splunk's commitment to enterprise security standards.
The post Splunk Patches Critical Vulnerabilities in Third‑Party Packages — Update Now! appeared first on Cyber Security News.
