Third-Party Package Updates in Splunk Enterprise - March 2024

Advisory ID: SVD-2024-0303

CVE ID:  Multiple

Published: 2024-03-27

Last Update: 2024-03-27


Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Enterprise versions 9.2.1, 9.1.4, 9.0.9 and higher, including the following:

OpensslUpgraded to 1.0.2zjCVE-2024-0727, CVE-2023-5678Low
net, go1Upgraded to 0.2.0CVE-2023-39325High
go2Upgraded from 1.20.10 to 1.21.5multipleSee vendor
hive-execUpgraded from 3.1.3 to 4.0.0-beta-1multipleSee vendor
curl3Upgraded from 8.0.1 to 8.5.0multipleSee vendor
pywin32Upgraded to b306CVE-2021-32559Medium
jackson-databind4Upgraded from 2.9.10 to 2.13.5multipleSee vendor

1 Upgraded in Splunk Assist

2 Upgraded in Splunk Assist

3 Splunk Enterprise is not affected by CVE-2023-38545

4 Removed jackson-databind-2.9.10 nested within $SPLUNK_HOME/bin/jars/thirdparty/common/parquet-hive-bundle-1.11.2.jar and added jackson-databind-2.13.5 under $SPLUNK_HOME/bin/jars/common


Upgrade Splunk Enterprise to versions 9.2.1, 9.1.4, and 9.0.9, or higher.

Product Status

ProductVersionComponentAffected VersionFix Version
Splunk Enterprise9.29.2.0 to
Splunk Enterprise9.19.1.0 to
Splunk Enterprise9.09.0.0 to


For the CVEs in this list, Splunk adopted the vendor’s severity rating, when available, or the national vulnerability database (NVD) common vulnerability scoring system (CVSS) rating, otherwise.