Third-Party Package Updates in Splunk User Behavior Analytics (UBA) - July 2025
Advisory ID: SVD-2025-0713
CVE ID: Multiple
Published: 2025-07-30
Last Update: 2025-07-30
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk User Behavior Analytics (UBA) version 5.4.3, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| Jetty HTTP | Upgraded to 9.4.57 | CVE-2024-6763 | Medium |
| sellinium | Upgraded to 4.30.0 | CVE-2023-5590 | High |
| node.js1 | Upgraded to 22.14.0 | Multiple | High |
| OpenJDK | Upgraded to 8u452 | CVE-2025-21502 | Medium |
| Apache Kafka2 | Upgraded to 3.9.0 | Multiple | Medium |
| docker3 | Upgraded to 28.0.4 | Multiple | High |
| containered.io | Upgraded to 1.7.27 | CVE-2024-40635 | Medium |
| curl4 | Upgraded to 8.4.0 | Multiple | Critical |
| werkzeug5 | Upgraded to 3.6.0 | Multiple | High |
| krb5-libs6 | Upgraded to 1.18.2-31 | Multiple | High |
| python | Upgraded to 3.12.10 | CVE-2024-12254 | High |
1 Updated node.js to 22.14.0 to remedy CVE‑2024‑27980, and CVE‑2024‑22020.
2 Updated Apache Kafka to 3.9.0 to remedy CVE-2024-31141, and CVE-2024-56128.
3 Updated docker to 28.0.4 to remedy CVE-2025-22869, and CVE-2025-27144.
4 Updated curl to 8.4.0 to remedy CVE-2023-38545, CVE-2023-38546, and CVE-2023-38039.
5 Updated werkzeug to 3.6.0 to remedy CVE-2024-49766, and CVE-2024-49767.
6 Updated krb5-libs to 1.18.2-31 to remedy CVE-2022-42898, CVE-2024-26458, CVE-2024-26461, CVE-2024-37370, and CVE-2024-37371.
Solution
Upgrade Splunk User Behavior Analytics (UBA) to version 5.4.3 or higher.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk User Behavior Analytics (UBA) | 5.4 | Below 5.4.3 | 5.4.3 |
Severity
For the CVEs in this list, Splunk adopted the national vulnerability database (NVD) common vulnerability scoring system (CVSS) rating to align with industry standards.