June Third Party Package Updates in Splunk Enterprise

Advisory ID: SVD-2023-0613

CVE ID:  Multiple

Published: 2023-06-01

Last Update: 2024-01-09

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in versions 8.1.14, 8.2.11, and 9.0.5 of Splunk Enterprise, including the following:

Package | Remediation | CVE | Severity
libxml2 | Patched | CVE-2022-40303 | High
libxml2 | Patched | CVE-2022-40304 | High
OpenSSL 1.0.2 | Upgraded to 1.0.2zg | CVE-2023-0286 | High
OpenSSL 1.0.2 | Upgraded to 1.0.2zg | CVE-2023-0215 | High
OpenSSL 1.0.2 | Upgraded to 1.0.2zg | CVE-2022-4304 | Medium
curl | Upgraded to 8.0.1 | CVE-2023-27538 | Medium
curl | Upgraded to 8.0.1 | CVE-2023-27537 | Medium
curl | Upgraded to 8.0.1 | CVE-2023-27536 | Critical
curl | Upgraded to 8.0.1 | CVE-2023-27535 | High
curl | Upgraded to 8.0.1 | CVE-2023-27534 | High
curl | Upgraded to 8.0.1 | CVE-2023-27533 | High
curl | Upgraded to 8.0.1 | CVE-2023-23916 | Medium
curl | Upgraded to 8.0.1 | CVE-2023-23915 | Medium
curl | Upgraded to 8.0.1 | CVE-2023-23914 | Critical
curl | Upgraded to 8.0.1 | CVE-2022-43552 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-43551 | High
curl | Upgraded to 8.0.1 | CVE-2022-42916 | High
curl | Upgraded to 8.0.1 | CVE-2022-42915 | Critical
curl | Upgraded to 8.0.1 | CVE-2022-35260 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-32221 | Critical
curl | Upgraded to 8.0.1 | CVE-2022-35252 | Low
curl | Upgraded to 8.0.1 | CVE-2022-32208 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-32207 | Critical
curl | Upgraded to 8.0.1 | CVE-2022-32206 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-32205 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-30115 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-27782 | High
curl | Upgraded to 8.0.1 | CVE-2022-27781 | High
curl | Upgraded to 8.0.1 | CVE-2022-27780 | High
curl | Upgraded to 8.0.1 | CVE-2022-27779 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-27778 | High
curl | Upgraded to 8.0.1 | CVE-2022-27776 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-27775 | High
curl | Upgraded to 8.0.1 | CVE-2022-27774 | Medium
curl | Upgraded to 8.0.1 | CVE-2022-22576 | High
curl | Upgraded to 8.0.1 | CVE-2021-22947 | Medium
curl | Upgraded to 8.0.1 | CVE-2021-22946 | High
curl | Upgraded to 8.0.1 | CVE-2021-22945 | Critical
curl | Upgraded to 8.0.1 | CVE-2021-22926 | High
curl | Upgraded to 8.0.1 | CVE-2021-22925 | Medium
curl | Upgraded to 8.0.1 | CVE-2021-22924 | Low
curl | Upgraded to 8.0.1 | CVE-2021-22923 | Medium
curl | Upgraded to 8.0.1 | CVE-2021-22922 | Medium
curl | Upgraded to 8.0.1 | CVE-2021-22901 | High
curl | Upgraded to 8.0.1 | CVE-2021-22898 | Low
curl | Upgraded to 8.0.1 | CVE-2021-22897 | Medium
curl | Upgraded to 8.0.1 | CVE-2021-22890 | Low
curl | Upgraded to 8.0.1 | CVE-2021-22876 | Medium
curl | Upgraded to 8.0.1 | CVE-2020-8286 | High
curl | Upgraded to 8.0.1 | CVE-2020-8285 | High
curl | Upgraded to 8.0.1 | CVE-2020-8284 | Low
curl | Upgraded to 8.0.1 | CVE-2020-8231 | High
curl | Upgraded to 8.0.1 | CVE-2020-8177 | High
curl | Upgraded to 8.0.1 | CVE-2020-8169 | High
libarchive | Upgraded to 3.6.2 | CVE-2022-36227 | Critical
libarchive | Upgraded to 3.6.2 | CVE-2021-31566 | High
libarchive | Upgraded to 3.6.2 | CVE-2021-36976 | Medium
lz4 | Upgraded to 1.9.4 | CVE-2021-3520 | Critical
SQLite | Upgraded to 3.41.2 | CVE-2022-35737 | High
zlib | Applied patch | CVE-2018-25032 | High
zlib | Applied patch | CVE-2022-37434 | Critical
prismjs | Upgraded to 1.2.9 | CVE-2020-15138 | High
xmldom | Upgraded to 0.7.9 | CVE-2022-37616 | Critical
color-string | Upgraded to 1.5.5 | CVE-2021-29060 | Medium
decode-uri-component | Upgraded to 0.2.1 | CVE-2022-38900 | High
glob-parent | Upgraded to 5.1.2 | CVE-2020-28469 | High
json5 | Upgraded to 1.0.2 | CVE-2022-46175 | High
json5 | Upgraded to 2.2.3 | CVE-2022-46175 | High
loader-utils | Upgraded to 2.0.4 | CVE-2022-37599 | High
loader-utils | Upgraded to 2.0.4 | CVE-2022-37601 | Critical
loader-utils | Upgraded to 2.0.4 | CVE-2022-37603 | High
minimatch | Upgraded to 3.0.5 | CVE-2022-3517 | High
moment | Upgraded to 2.29.4 | CVE-2022-31129 | High
path-parse | Upgraded to 1.0.7 | CVE-2021-23343 | High
postcss | Upgraded to 7.0.36 | CVE-2021-23368 | Medium
postcss | Upgraded to 7.0.36 | CVE-2021-23382 | High
python3 | Upgraded to 3.7.16 | CVE-2022-43680 | High
qs | Upgraded to 6.5.3 | CVE-2022-24999 | High
ssri | Upgraded to 6.0.2 | CVE-2020-7753 | High
terser | Upgraded to 4.8.1 | CVE-2022-25858 | High
nth-check | Upgraded to 2.0.1 | CVE-2021-3803 | High
trim | Upgraded to 0.0.3 | CVE-2020-7753 | High
css-what | Upgraded to 5.0.1 | CVE-2021-33587 | High
dot-prop | Upgraded to 4.2.1 | CVE-2020-8116 | High
elliptic | Upgraded to 6.5.4 | CVE-2020-13822 | High
got | Upgraded to 12.5.3 | CVE-2022-33987 | Medium
jackson-databind | Upgraded to 2.13.5 | CVE-2022-4200 | Medium
jackson-databind | Upgraded to 2.13.5 | CVE-2022-42004 | High
json-smart | Upgraded to 2.4.9 | CVE-2023-1370 | High
kind-of | Upgraded to 6.0.3 | CVE-2019-20149 | High
loader-utils | Upgraded to 1.4.2 | CVE-2022-37601 | Critical
loader-utils | Upgraded to 2.0.4 | CVE-2022-37601 | Critical
lodash | Upgraded to 4.17.21 | CVE-2020-8203 | High
lodash-es | Upgraded to 4.17.21 | CVE-2019-10744 | Critical
mako | Patched* | CVE-2022-40023 | High
mako | Upgraded to 1.2.4** | CVE-2022-40023 | High
mixin-deep | Upgraded to 1.3.2 | CVE-2019-10746 | Critical
postcss | Upgraded to 7.0.37 | CVE-2021-23382 | High
normalize-url | Upgraded to 6.1.0 | CVE-2021-33502 | High
ua-parser-js | Upgraded to 0.7.35 | CVE-2021-27292 | High
urllib3 | Upgraded to 1.26.6 | CVE-2021-33503 | High
websocket-extensions | Upgraded to 0.1.4 | CVE-2020-7662 | High
y18n | Upgraded to 4.0.3 | CVE-2020-7774 | Critical
go, crypto/elliptic | Upgraded go to 1.2 | CVE-2022-23806 | Critical
go, math/big | Upgraded go to 1.2 | CVE-2022-23772 | High
go, x/crypto | Upgraded go to 1.2 | CVE-2021-43565 | High
go, os/exec | Upgraded go to 1.2 | CVE-2022-30580 | High
go, encoding/xml | Upgraded go to 1.2 | CVE-2022-30633 | High
go, encoding/xml | Upgraded go to 1.2 | CVE-2022-28131 | High
go, path/filepath | Upgraded go to 1.2 | CVE-2022-30632 | High
go | Upgraded go to 1.2 | CVE-2022-41716 | High
go, crypto/elliptic | Upgraded go to 1.2 | CVE-2022-28327 | High
go | Upgraded go to 1.2 | CVE-2022-24921 | High
go, io/fs | Upgraded go to 1.2 | CVE-2022-30630 | High
go, crypto/ssh | Upgraded go to 1.2 | CVE-2022-27191 | High
go, cmd/go | Upgraded go to 1.2 | CVE-2022-23773 | High
go, crypto/rand | Upgraded go to 1.2 | CVE-2022-30634 | High
go | Upgraded go to 1.2 | CVE-2022-41715 | High
go, encoding/pem | Upgraded go to 1.2 | CVE-2022-24675 | High
go | Upgraded go to 1.2 | CVE-2022-41720 | High
go, net/http | Upgraded go to 1.2 | CVE-2022-27664 | High
go, net/http | Upgraded go to 1.2 | CVE-2022-2880 | High
go, path/filepath | Upgraded go to 1.2 | CVE-2022-29804 | High
go, math/big | Upgraded go to 1.2 | CVE-2022-32189 | High
go, encoding/gob | Upgraded go to 1.2 | CVE-2022-30635 | High
go, compress/gzip | Upgraded go to 1.2 | CVE-2022-30631 | High
go | Upgraded go to 1.2 | CVE-2022-2879 | High
go, net/http | Upgraded go to 1.2 | CVE-2022-1705 | Medium
go, go/parse | Upgraded go to 1.2 | CVE-2022-1962 | Medium
go, sys | Upgraded go to 1.2 | CVE-2022-29526 | Medium
go, net/http | Upgraded go to 1.2 | CVE-2022-32148 | Medium
go, crypto/tls | Upgraded go to 1.2 | CVE-2022-30629 | Low
Growl | Upgraded to 1.10.5 | CVE-2017-16042 | Critical
Babel | Upgraded to 2.9.1 | CVE-2021-20095 | Medium

*Splunk applied the patch for CVE-2022-40023 to mako 1.1.0 in $SPLUNK_HOME/lib/python3.7/site-packages/mako.

**Splunk upgraded mako to 1.2.4 in the Python Upgrade Readiness app to remediate CVE-2022-40023.

Solution

For Splunk Enterprise, upgrade to version 8.1.14, 8.2.11, 9.0.5, or higher.

Product Status

Product | Base Version | Affected Version | Fix Version
Splunk Enterprise | 8.1 | 8.1.13 and lower | 8.1.14
Splunk Enterprise | 8.2 | 8.2.0 to 8.2.10 | 8.2.11
Splunk Enterprise | 9.0 | 9.0.0 to 9.0.4 | 9.0.5
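The check a defender usually wants from the Product Status table is a quick comparison of each installed Splunk Enterprise version against the fix version for its base branch. The script below is an added example, not Splunk's code. It assumes the version string has the general shape that `splunk version` prints (a `Splunk X.Y.Z` prefix followed by build details, which is an assumption about the output format), and it encodes only the three base versions the table lists; any other branch (for example 8.0 or 9.1) is outside this advisory and is reported as undetermined rather than as fixed.

```python
"""Compare a Splunk Enterprise version against the fix versions in SVD-2023-0613.

Added example; the FIX_VERSIONS table is copied from the advisory's Product
Status table and the sample strings below are constructed, not captured.
"""
import re

# Base version -> first fixed version, from the advisory's Product Status table.
FIX_VERSIONS = {
    (8, 1): (8, 1, 14),   # 8.1.13 and lower are affected
    (8, 2): (8, 2, 11),   # 8.2.0 to 8.2.10 are affected
    (9, 0): (9, 0, 5),    # 9.0.0 to 9.0.4 are affected
}


def parse_version(text):
    """Extract the first dotted version number from a string such as
    'Splunk 9.0.4 (build <id>)' and return it as an (major, minor, patch) tuple.
    A missing patch component is treated as 0."""
    match = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?\b", text)
    if not match:
        raise ValueError("no version number found in: %r" % text)
    major, minor, patch = match.group(1), match.group(2), match.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_affected(text):
    """Return True if the version is below the fix version for its base branch,
    False if it is at or above the fix version, and None if the base branch is
    not covered by the advisory's table (so nothing can be concluded from it)."""
    version = parse_version(text)
    base = version[:2]
    fix = FIX_VERSIONS.get(base)
    if fix is None:
        return None
    # Tuple comparison is lexicographic, so (9, 0, 4) < (9, 0, 5) and
    # (8, 1, 13) < (8, 1, 14), matching the "and lower" / "X to Y" ranges.
    return version < fix


def summarize(text):
    """Human-readable verdict for one version string."""
    verdict = is_affected(text)
    version = ".".join(str(part) for part in parse_version(text))
    if verdict is None:
        return "%s: base version not covered by SVD-2023-0613" % version
    if verdict:
        fix = ".".join(str(part) for part in FIX_VERSIONS[parse_version(text)[:2]])
        return "%s: affected, upgrade to %s or higher" % (version, fix)
    return "%s: not affected by SVD-2023-0613" % version


if __name__ == "__main__":
    # Constructed sample inputs in the shape `splunk version` prints.
    samples = [
        "Splunk 9.0.4 (build CONSTRUCTED-BUILD-ID)",
        "Splunk 8.2.11 (build CONSTRUCTED-BUILD-ID)",
        "Splunk 8.1.13 (build CONSTRUCTED-BUILD-ID)",
        "Splunk 9.1.0 (build CONSTRUCTED-BUILD-ID)",
    ]
    for sample in samples:
        print(summarize(sample))
```

Feed it the output of `$SPLUNK_HOME/bin/splunk version` from each host, or the version column of your asset inventory; a `None` result means the branch is not one the advisory describes, which is a prompt to look at the advisory that does cover it rather than a clean bill of health.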

Severity

For the CVEs listed above, Splunk adopted the National Vulnerability Database (NVD) CVSS rating to align with industry standards.

Changelog

2024-01-09: Updated and added clarification around CVE-2022-40023 remediation in mako. Removed CVE-2022-23491.