Third-Party Package Updates in Splunk App for Data Science and Deep Learning - March 2025

Advisory ID: SVD-2025-0309

CVE ID:  Multiple

Published: 2025-03-26

Last Update: 2025-03-26

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk App for Data Science and Deep Learning App version 5.2.0 including the following:

PackageRemediationCVESeverity
certifiUpgraded to 2024.7.4MultipleHigh
requestsUpgraded to 2.31.0MultipleMedium
urllib3Upgraded to 1.26.18MultipleHigh
urllib3Upgraded to 1.26.19MultipleMedium

Solution

Upgrade Splunk App for Data Science and Deep Learning to versions 5.2.0, or higher.

Product Status

ProductVersionComponentAffected VersionFix Version
Splunk App for Data Science and Deep Learning5.2.05.1.2, 5.1.1 and 5.1.05.2.0

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.