Third-Party Package Updates in Splunk Enterprise - July 2024

Advisory ID: SVD-2024-0718

CVE ID:  Multiple

Published: 2024-07-01

Last Update: 2024-07-01


Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Enterprise versions 9.2.1, 9.1.4, 9.0.9 and higher, including the following:

jackson-databindUpgraded to 1.16.1CVE-2023-35116Medium
commons-ioUpgraded to 2.15.1CVE-2021-29425Medium
snappy-javaUpgraded to
snappy-javaUpgraded to
snappy-javaUpgraded to
snappy-javaUpgraded to
avro-sdkUpgraded to 1.11.3CVE-2023-39410High
aiohttp5Upgraded to 3.8.6CVE-2023-37276Medium
aiohttp6Upgraded to 3.8.6CVE-2023-47627Medium
urllib37Upgraded to 2.0.7CVE-2023-43804Medium
urllib38Upgraded to 2.0.7CVE-2023-45803Medium
certifi9Upgraded to 2024.2.2CVE-2023-37920Low
idna10Upgraded to 3.7CVE-2024-3651Medium
pipUpgraded to 24.0CVE-2023-5752Informational
setuptoolsUpgraded to 65.5.1CVE-2022-40897Medium
pygmentsUpgraded to 2.15.1CVE-2022-40896Medium
wheelUpgraded to 0.41.2CVE-2022-40898informational
requests11Upgraded to 2.31.0CVE-2023-32681Medium
future12Upgraded to 1.0.0CVE-2022-40899High

1 Removed avatica-core from hive-exec

2 Removed guava from hive-exec

3 Removed guava from hive-exec

4 Removed guava from hive-exec

5 Upgraded aiohttp in the Splunk Secure Gateway app, $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/aiohttp

6 Upgraded aiohttp in the Splunk Secure Gateway app, $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/aiohttp

7 Upgraded urllib3 in the Splunk Secure Gateway app, $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/urllib3

8 Upgraded urllib3 in the Splunk Secure Gateway app, $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/urllib3

9 Upgraded certifi in the Splunk Secure Gateway app, $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/certifi

10 Upgraded idna in the Splunk Secure Gateway app, $SPLUNK_HOME/etc/apps/splunk_secure_gateway/lib/idna

11 Upgraded requests in $SPLUNK_HOME/lib/python3.7/site-packages/requests

12 Upgraded requests in $SPLUNK_HOME/lib/python3.7/site-packages/future


Upgrade Splunk Enterprise to versions 9.2.1, 9.1.4, and 9.0.9, or higher.

Product Status

ProductVersionComponentAffected VersionFix Version
Splunk Enterprise9.29.2.0 to
Splunk Enterprise9.19.1.0 to
Splunk Enterprise9.09.0.0 to


For the CVEs in this list, Splunk adopted the vendor’s severity rating, when available, or the national vulnerability database (NVD) common vulnerability scoring system (CVSS) rating, otherwise.

For CVE-2023-37920, Splunk adopted the vendor’s severity rating. Please refer to GHSA-xqr8-7jwr-rhp7 for more information.

If you do not use Splunk Analytics for Hadoop, Splunk Archiver, Hadoop Data Roll, or Hunk (Legacy) the CVEs impacting the listed java packages (hive-exec, jackson-databind, commons-io, snappy-java, avro-sdk, avatica-core and guava) are informational.

If you disabled or removed Splunk Secure Gateway, the listed CVEs affecting aiohttp, urllib3, and certify are informational.

For pip and wheel, Splunk Enterprise does not utilize the package and is not impacted by the CVE. However, out of an abundance of caution, Splunk updated the package.