Third-Party Package Updates in Splunk App for Data Science and Deep Learning - March 2025
Advisory ID: SVD-2025-0309
CVE ID: Multiple
Published: 2025-03-26
Last Update: 2025-03-26
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk App for Data Science and Deep Learning App version 5.2.0 including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| certifi | Upgraded to 2024.7.4 | Multiple | High |
| requests | Upgraded to 2.31.0 | Multiple | Medium |
| urllib3 | Upgraded to 1.26.18 | Multiple | High |
| urllib3 | Upgraded to 1.26.19 | Multiple | Medium |
Solution
Upgrade Splunk App for Data Science and Deep Learning to versions 5.2.0, or higher.
Product Status
| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Splunk App for Data Science and Deep Learning | 5.2.0 | 5.1.2, 5.1.1 and 5.1.0 | 5.2.0 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.