Third-Party Package Updates in Splunk AppDynamics Cluster Agent - August 2025

Advisory ID: SVD-2025-0802

CVE ID:  Multiple

Published: 2025-08-06

Last Update: 2025-08-06

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Cluster Agent version 25.6.0, and higher, including the following:

PackageRemediationCVESeverity
golang1Upgraded to 1.24.4MultipleHigh
glibcUpgraded to 2.34-168.el9_6.19CVE-2025-4802High
grpc-go2Upgraded to 1.68.1CVE-2024-7246Medium

1 Upgraded golang from v1.24.3 to v1.24.4 to remedy CVE-2025-22874, CVE-2025-4673, and CVE-2025-0913.

2 Upgraded grpc-go from v1.65.0 to v1.68.1 to remedy CVE-2024-7246.

Solution

Upgrade Splunk AppDynamics Cluster Agent to versions 25.6.0 or higher.

Product Status

ProductBase VersionAffected VersionFix Version
Splunk AppDynamics Cluster Agent25.6.0Below 25.6.025.6.0

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.