Third-Party Package Updates in Splunk AppDynamics On-Premises Enterprise Console - August 2025

Advisory ID: SVD-2025-0801

CVE ID:  Multiple

Published: 2025-08-06

Last Update: 2025-08-06

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics On-Premises Enterprise Console version 25.4.0 and higher, including the following:

PackageRemediationCVESeverity
batik1UpgradedMultipleHigh
body-parserUpgradedCVE-2024-45590High
bouncycastle-fipsUpgradedCVE-2024-29857High
druidUpgradedCVE-2025-27888High
gstreamer2UpgradedMultipleCritical
jackson-databindUpgradedCVE-2023-35116Medium
jackson-mapper-asl3UpgradedMultipleCritical
json-smartUpgradedCVE-2023-1370High
jszip4UpgradedMultipleHigh
elasticsearch5UpgradedMultipleHigh
python6UpgradedMultipleHigh
logback-core7UpgradedMultipleHigh
mysql8UpgradedMultipleMedium
netty9UpgradedMultipleCritical
netty-handlerUpgradedCVE-2025-24970High
nimbus-jose-jwtUpgradedCVE-2023-52428High
okhttpUpgradedCVE-2023-0833Medium
okioUpgradedCVE-2023-3635Medium
zlib10UpgradedMultipleCritical
zookeeper11UpgradedMultipleCritical
zstdUpgradedCVE-2022-4899High

1 Upgraded batik to remedy CVE-2022-38648, CVE-2022-41704, CVE-2022-40146, CVE-2022-38398, and CVE-2022-42890.

2 Upgraded gstreamer to remedy CVE-2024-47778, CVE-2024-47606, CVE-2024-47546, CVE-2024-47602, CVE-2024-47607, CVE-2024-47774, CVE-2024-47603, CVE-2024-47596, CVE-2024-47615, CVE-2024-47543, CVE-2024-47541, CVE-2024-47544, CVE-2024-47777, CVE-2024-47537, CVE-2024-47599, CVE-2023-50186, CVE-2024-47834, CVE-2024-47835, CVE-2024-47601, CVE-2024-47776, CVE-2024-47538, CVE-2024-47542, CVE-2024-47540, CVE-2024-47598, CVE-2024-47775, CVE-2024-47600, CVE-2024-47597, CVE-2024-47539, CVE-2024-47545, and CVE-2024-4761.

3 Upgraded jackson-mapper-asl to remedy CVE-2019-14540, CVE-2020-36189, CVE-2019-16943, CVE-2020-10650, CVE-2017-7525, CVE-2019-17531, CVE-2020-36518, CVE-2019-10172, CVE-2019-16335, CVE-2019-14439, CVE-2019-14892, CVE-2018-12022, CVE-2019-17267, CVE-2019-14379, CVE-2018-5968, CVE-2018-7489, CVE-2021-20190, CVE-2022-42004, and CVE-2017-17485.

4 Upgraded jszip to remedy CVE-2022-48285 and CVE-2021-23413.

5 Upgraded elasticsearch to remedy CVE-2018-3824 and CVE-2024-52979.

6 Upgraded python to remedy CVE-2024-5642, CVE-2022-0391, CVE-2022-45061, CVE-2019-9674, CVE-2023-27043, CVE-2021-4189, and CVE-2022-48564.

7 Upgraded logback-core to remedy CVE-2021-42550 and CVE-2023-6378.

8 Upgraded mysql to remedy CVE-2025-21585, CVE-2025-30684, CVE-2025-21546, CVE-2025-21519, CVE-2025-21500, CVE-2025-21518, CVE-2025-30685, CVE-2025-21577, CVE-2025-21505, CVE-2025-30695, CVE-2025-30688, CVE-2025-21543, CVE-2025-21584, CVE-2025-30683, CVE-2025-30696, CVE-2025-21581, CVE-2025-21490, CVE-2025-30689, CVE-2025-21497, CVE-2025-21520, CVE-2025-21501, CVE-2025-21574, CVE-2025-30705, CVE-2025-21540, CVE-2025-21575, CVE-2025-30704, CVE-2025-30693, CVE-2025-21579, CVE-2025-21522, CVE-2025-30699, CVE-2025-21529, CVE-2025-21523, CVE-2025-30682, CVE-2025-30715, CVE-2025-30681, CVE-2025-21503, CVE-2025-30687, CVE-2025-21491, CVE-2025-21580, CVE-2025-30703, CVE-2025-21559, CVE-2025-21555, CVE-2025-30721, and CVE-2025-21531.

9 Upgraded netty to remedy CVE-2025-25193, CVE-2024-47535, CVE-2025-25193, CVE-2021-37137, CVE-2021-21290, CVE-2021-21295, CVE-2025-24970, CVE-2021-21409, CVE-2024-47535, CVE-2019-20445, CVE-2022-41881, CVE-2024-47535, CVE-2022-24823, CVE-2021-43797, CVE-2024-47535, CVE-2025-25193, CVE-2023-34462, CVE-2019-16869, CVE-2021-37136, CVE-2025-24970, CVE-2019-20444, CVE-2025-25193, and CVE-2023-34462.

10 Upgraded zlib to remedy CVE-2023-45853 and CVE-2023-6992.

11 Upgraded zookeeper to remedy CVE-2024-51504 and CVE-2024-23944.

Solution

Upgrade Splunk AppDynamics On-Premise Enterprise Console to versions 25.4.0 or higher.

Product Status

ProductBase VersionAffected VersionFix Version
On-Premise Enterprise Console25.4.0Below 25.4.025.4.0

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.