Third-Party Package Updates in Splunk AppDynamics Cluster Agent - August 2025
Advisory ID: SVD-2025-0802
CVE ID: Multiple
Published: 2025-08-06
Last Update: 2025-08-06
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Cluster Agent version 25.6.0, and higher, including the following:
Package | Remediation | CVE | Severity |
---|---|---|---|
golang1 | Upgraded to 1.24.4 | Multiple | High |
glibc | Upgraded to 2.34-168.el9_6.19 | CVE-2025-4802 | High |
grpc-go2 | Upgraded to 1.68.1 | CVE-2024-7246 | Medium |
1 Upgraded golang from v1.24.3 to v1.24.4 to remedy CVE-2025-22874, CVE-2025-4673, and CVE-2025-0913.
2 Upgraded grpc-go from v1.65.0 to v1.68.1 to remedy CVE-2024-7246.
Solution
Upgrade Splunk AppDynamics Cluster Agent to versions 25.6.0 or higher.
Product Status
Product | Base Version | Affected Version | Fix Version |
---|---|---|---|
Splunk AppDynamics Cluster Agent | 25.6.0 | Below 25.6.0 | 25.6.0 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.