June Third Party Package Updates in Splunk Enterprise

Advisory ID: SVD-2023-0613

CVE ID: Multiple

Published: 2023-06-01

Last Update: 2024-01-09

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in versions 8.1.14, 8.2.11, and 9.0.5 of Splunk Enterprise, including the following:

| Package | Remediation | CVE | Severity |
|---|---|---|---|
| libxml2 | Patched | CVE-2022-40303 | High |
| libxml2 | Patched | CVE-2022-40304 | High |
| OpenSSL 1.0.2 | Upgraded to 1.0.2zg | CVE-2023-0286 | High |
| OpenSSL 1.0.2 | Upgraded to 1.0.2zg | CVE-2023-0215 | High |
| OpenSSL 1.0.2 | Upgraded to 1.0.2zg | CVE-2022-4304 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2023-27538 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2023-27537 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2023-27536 | Critical |
| curl | Upgraded to 8.0.1 | CVE-2023-27535 | High |
| curl | Upgraded to 8.0.1 | CVE-2023-27534 | High |
| curl | Upgraded to 8.0.1 | CVE-2023-27533 | High |
| curl | Upgraded to 8.0.1 | CVE-2023-23916 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2023-23915 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2023-23914 | Critical |
| curl | Upgraded to 8.0.1 | CVE-2022-43552 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-43551 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-42916 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-42915 | Critical |
| curl | Upgraded to 8.0.1 | CVE-2022-35260 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-32221 | Critical |
| curl | Upgraded to 8.0.1 | CVE-2022-35252 | Low |
| curl | Upgraded to 8.0.1 | CVE-2022-32208 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-32207 | Critical |
| curl | Upgraded to 8.0.1 | CVE-2022-32206 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-32205 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-30115 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-27782 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-27781 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-27780 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-27779 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-27778 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-27776 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-27775 | High |
| curl | Upgraded to 8.0.1 | CVE-2022-27774 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2022-22576 | High |
| curl | Upgraded to 8.0.1 | CVE-2021-22947 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2021-22946 | High |
| curl | Upgraded to 8.0.1 | CVE-2021-22945 | Critical |
| curl | Upgraded to 8.0.1 | CVE-2021-22926 | High |
| curl | Upgraded to 8.0.1 | CVE-2021-22925 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2021-22924 | Low |
| curl | Upgraded to 8.0.1 | CVE-2021-22923 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2021-22922 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2021-22901 | High |
| curl | Upgraded to 8.0.1 | CVE-2021-22898 | Low |
| curl | Upgraded to 8.0.1 | CVE-2021-22897 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2021-22890 | Low |
| curl | Upgraded to 8.0.1 | CVE-2021-22876 | Medium |
| curl | Upgraded to 8.0.1 | CVE-2020-8286 | High |
| curl | Upgraded to 8.0.1 | CVE-2020-8285 | High |
| curl | Upgraded to 8.0.1 | CVE-2020-8284 | Low |
| curl | Upgraded to 8.0.1 | CVE-2020-8231 | High |
| curl | Upgraded to 8.0.1 | CVE-2020-8177 | High |
| curl | Upgraded to 8.0.1 | CVE-2020-8169 | High |
| libarchive | Upgraded to 3.6.2 | CVE-2022-36227 | Critical |
| libarchive | Upgraded to 3.6.2 | CVE-2021-31566 | High |
| libarchive | Upgraded to 3.6.2 | CVE-2021-36976 | Medium |
| lz4 | Upgraded to 1.9.4 | CVE-2021-3520 | Critical |
| SQLite | Upgraded to 3.41.2 | CVE-2022-35737 | High |
| zlib | Applied patch | CVE-2018-25032 | High |
| zlib | Applied patch | CVE-2022-37434 | Critical |
| prismjs | Upgraded to 1.2.9 | CVE-2020-15138 | High |
| xmldom | Upgraded to 0.7.9 | CVE-2022-37616 | Critical |
| color-string | Upgraded to 1.5.5 | CVE-2021-29060 | Medium |
| decode-uri-component | Upgraded to 0.2.1 | CVE-2022-38900 | High |
| glob-parent | Upgraded to 5.1.2 | CVE-2020-28469 | High |
| json5 | Upgraded to 1.0.2 | CVE-2022-46175 | High |
| json5 | Upgraded to 2.2.3 | CVE-2022-46175 | High |
| loader-utils | Upgraded to 2.0.4 | CVE-2022-37599 | High |
| loader-utils | Upgraded to 2.0.4 | CVE-2022-37601 | Critical |
| loader-utils | Upgraded to 2.0.4 | CVE-2022-37603 | High |
| minimatch | Upgraded to 3.0.5 | CVE-2022-3517 | High |
| moment | Upgraded to 2.29.4 | CVE-2022-31129 | High |
| path-parse | Upgraded to 1.0.7 | CVE-2021-23343 | High |
| postcss | Upgraded to 7.0.36 | CVE-2021-23368 | Medium |
| postcss | Upgraded to 7.0.36 | CVE-2021-23382 | High |
| python3 | Upgraded to 3.7.16 | CVE-2022-43680 | High |
| qs | Upgraded to 6.5.3 | CVE-2022-24999 | High |
| ssri | Upgraded to 6.0.2 | CVE-2020-7753 | High |
| terser | Upgraded to 4.8.1 | CVE-2022-25858 | High |
| nth-check | Upgraded to 2.0.1 | CVE-2021-3803 | High |
| trim | Upgraded to 0.0.3 | CVE-2020-7753 | High |
| css-what | Upgraded to 5.0.1 | CVE-2021-33587 | High |
| dot-prop | Upgraded to 4.2.1 | CVE-2020-8116 | High |
| elliptic | Upgraded to 6.5.4 | CVE-2020-13822 | High |
| got | Upgraded to 12.5.3 | CVE-2022-33987 | Medium |
| jackson-databind | Upgraded to 2.13.5 | CVE-2022-4200 | Medium |
| jackson-databind | Upgraded to 2.13.5 | CVE-2022-42004 | High |
| json-smart | Upgraded to 2.4.9 | CVE-2023-1370 | High |
| kind-of | Upgraded to 6.0.3 | CVE-2019-20149 | High |
| loader-utils | Upgraded to 1.4.2 | CVE-2022-37601 | Critical |
| loader-utils | Upgraded to 2.0.4 | CVE-2022-37601 | Critical |
| lodash | Upgraded to 4.17.21 | CVE-2020-8203 | High |
| lodash-es | Upgraded to 4.17.21 | CVE-2019-10744 | Critical |
| mako | Patched* | CVE-2022-40023 | High |
| mako | Upgraded to 1.2.4** | CVE-2022-40023 | High |
| mixin-deep | Upgraded to 1.3.2 | CVE-2019-10746 | Critical |
| postcss | Upgraded to 7.0.37 | CVE-2021-23382 | High |
| normalize-url | Upgraded to 6.1.0 | CVE-2021-33502 | High |
| ua-parser-js | Upgraded to 0.7.35 | CVE-2021-27292 | High |
| urllib3 | Upgraded to 1.26.6 | CVE-2021-33503 | High |
| websocket-extensions | Upgraded to 0.1.4 | CVE-2020-7662 | High |
| y18n | Upgraded to 4.0.3 | CVE-2020-7774 | Critical |
| go, crypto/elliptic | Upgraded go to 1.2 | CVE-2022-23806 | Critical |
| go, math/big | Upgraded go to 1.2 | CVE-2022-23772 | High |
| go, x/crypto | Upgraded go to 1.2 | CVE-2021-43565 | High |
| go, os/exec | Upgraded go to 1.2 | CVE-2022-30580 | High |
| go, encoding/xml | Upgraded go to 1.2 | CVE-2022-30633 | High |
| go, encoding/xml | Upgraded go to 1.2 | CVE-2022-28131 | High |
| go, path/filepath | Upgraded go to 1.2 | CVE-2022-30632 | High |
| go | Upgraded go to 1.2 | CVE-2022-41716 | High |
| go, crypto/elliptic | Upgraded go to 1.2 | CVE-2022-28327 | High |
| go | Upgraded go to 1.2 | CVE-2022-24921 | High |
| go, io/fs | Upgraded go to 1.2 | CVE-2022-30630 | High |
| go, crypto/ssh | Upgraded go to 1.2 | CVE-2022-27191 | High |
| go, cmd/go | Upgraded go to 1.2 | CVE-2022-23773 | High |
| go, crypto/rand | Upgraded go to 1.2 | CVE-2022-30634 | High |
| go | Upgraded go to 1.2 | CVE-2022-41715 | High |
| go, encoding/pem | Upgraded go to 1.2 | CVE-2022-24675 | High |
| go | Upgraded go to 1.2 | CVE-2022-41720 | High |
| go, net/http | Upgraded go to 1.2 | CVE-2022-27664 | High |
| go, net/http | Upgraded go to 1.2 | CVE-2022-2880 | High |
| go, path/filepath | Upgraded go to 1.2 | CVE-2022-29804 | High |
| go, math/big | Upgraded go to 1.2 | CVE-2022-32189 | High |
| go, encoding/gob | Upgraded go to 1.2 | CVE-2022-30635 | High |
| go, compress/gzip | Upgraded go to 1.2 | CVE-2022-30631 | High |
| go | Upgraded go to 1.2 | CVE-2022-2879 | High |
| go, net/http | Upgraded go to 1.2 | CVE-2022-1705 | Medium |
| go, go/parse | Upgraded go to 1.2 | CVE-2022-1962 | Medium |
| go, sys | Upgraded go to 1.2 | CVE-2022-29526 | Medium |
| go, net/http | Upgraded go to 1.2 | CVE-2022-32148 | Medium |
| go, crypto/tls | Upgraded go to 1.2 | CVE-2022-30629 | Low |
| Growl | Upgraded to 1.10.5 | CVE-2017-16042 | Critical |
| Babel | Upgraded to 2.9.1 | CVE-2021-20095 | Medium |

*Splunk applied the patch for CVE-2022-40023 to mako 1.1.0 in $SPLUNK_HOME/lib/python3.7/site-packages/mako.

**Splunk upgraded mako to 1.2.4 in the Python Upgrade Readiness app to remediate CVE-2022-40023.

Solution

For Splunk Enterprise, upgrade versions to 8.1.14, 8.2.11, 9.0.5, or higher.

Product Status

| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Splunk Enterprise | 8.1 | - | 8.1.13 and lower | 8.1.14 |
| Splunk Enterprise | 8.2 | - | 8.2.0 to 8.2.10 | 8.2.11 |
| Splunk Enterprise | 9.0 | - | 9.0.0 to 9.0.4 | 9.0.5 |
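The Solution and Product Status sections above reduce to a version-range check per release train. The following Python is an added example (not Splunk's code) that encodes those ranges and reports whether an installed Splunk Enterprise version is affected by this advisory and which fix version applies; it assumes "8.1.13 and lower" also covers versions before the 8.1 train, and treats trains the table does not list (for example 9.1.x) as outside the advisory's scope.

```python
"""Assess a Splunk Enterprise version against the SVD-2023-0613 Product Status table."""
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# (lowest affected, highest affected, fix version), transcribed from the advisory.
# Assumption: "8.1.13 and lower" is read as every version up to 8.1.13, so the
# first range starts at 0.0.0 rather than 8.1.0.
ADVISORY_RANGES: List[Tuple[Version, Version, Version]] = [
    ((0, 0, 0), (8, 1, 13), (8, 1, 14)),  # 8.1.13 and lower  -> 8.1.14
    ((8, 2, 0), (8, 2, 10), (8, 2, 11)),  # 8.2.0 to 8.2.10   -> 8.2.11
    ((9, 0, 0), (9, 0, 4), (9, 0, 5)),    # 9.0.0 to 9.0.4    -> 9.0.5
]


def parse_version(text: str) -> Version:
    """Parse 'major.minor[.patch]' into a comparable tuple.

    Build or pre-release suffixes after '-' or '+' are ignored and a missing
    patch level counts as 0; anything else is rejected rather than guessed at.
    """
    core = text.strip().split("-")[0].split("+")[0]
    parts = core.split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Splunk version string: {text!r}")
    nums = [int(p) for p in parts[:3]] + [0] * (3 - min(len(parts), 3))
    return nums[0], nums[1], nums[2]


def assess(version: str) -> Tuple[str, Optional[str]]:
    """Return (status, fix_version) for an installed version.

    status is 'affected' (upgrade to fix_version), 'fixed' (at or above the fix
    for its train) or 'not-listed' (train not covered by this advisory).
    """
    v = parse_version(version)
    for low, high, fix in ADVISORY_RANGES:
        fix_str = ".".join(str(n) for n in fix)
        if low <= v <= high:
            return "affected", fix_str
        # Same release train and at or above the fix version: already remediated.
        if v[:2] == fix[:2] and v >= fix:
            return "fixed", fix_str
    return "not-listed", None


if __name__ == "__main__":
    for sample in ("8.1.13", "8.2.11", "9.0.4", "9.1.0"):  # constructed inputs
        print(sample, "->", assess(sample))
```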

Severity

For the CVEs listed above, Splunk adopted the National Vulnerability Database (NVD) CVSS rating to align with industry standards.

Changelog

2024-01-09: Updated and added clarification around CVE-2022-40023 remediation in mako. Removed CVE-2022-23491.