Third-Party Package Updates in Splunk Universal Forwarder - March 2024

Advisory ID: SVD-2024-0304

CVE ID:  Multiple

Published: 2024-03-27

Last Update: 2024-03-27


Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder versions 9.2.1, 9.1.4, 9.0.9 and higher, including the following:

OpensslUpgraded to 1.0.2zjCVE-2024-0727, CVE-2023-5678Low
curl1Upgraded from 8.0.1 to 8.5.0multipleInformational

1 The Splunk Universal Forwarder is not affected by the CVEs listed by curl applicable to versions 8.0.1 through 8.4.0. However, out of an abundance of caution, Splunk upgraded it.


Upgrade Splunk Universal Forwarder to versions 9.2.1, 9.1.4, and 9.0.9, or higher.

Product Status

ProductVersionComponentAffected VersionFix Version
Splunk Universal Forwarder9.29.2.0 to
Splunk Universal Forwarder9.19.1.0 to
Splunk Universal Forwarder9.09.0.0 to


For the CVEs in this list, Splunk adopted the vendor’s severity rating, where applicable.