Third-Party Package Updates in Splunk SDK for JavaScript - April 2025
Advisory ID: SVD-2025-0416
CVE ID: CVE-2024-47764
Published: 2025-04-09
Last Update: 2025-04-09
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk SDK for JavaScript version 2.0.1 including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| cookie | Upgraded to 0.7.0 | CVE-2024-47764 | Medium |
Solution
Upgrade Splunk SDK for JavaScript to version 2.0.1 or higher.
Product Status
| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Splunk SDK for JavaScript | 2.0 | Below 2.0.1 | 2.0.1 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.