Third-Party Package Updates in Splunk Enterprise - October 2025

Advisory ID: SVD-2025-1007

CVE ID: Multiple

Published: 2025-10-01

Last Update: 2025-10-01

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in third-party packages in Splunk Enterprise versions 10.0.1, 9.4.4, 9.3.6, 9.2.8, and higher.

| Package | Remediation | CVE | Severity |
|---|---|---|---|
| protobuf-java [1] | Removed | Multiple | High |
| mongod [2] | Upgraded to 7.0.14 | Multiple | High |
| webpack [3] | Removed | Multiple | High |
| imports-loader [4] | Removed | CVE-2022-37601 | Low |
| libxml2 [5] | Patched | CVE-2025-32415 | High |
| mongotools | Upgraded to 100.12.1. Remedied in 10.0.0. | CVE-2024-45337 | High |
| jackson-core [6] | Upgraded jackson-core to v2.15.0 | CVE-2025-52999 | High |
| curl [7] | Upgraded to v8.14.1 | Multiple | High |

[1] Removed protobuf-java from Splunk Enterprise to remedy CVE-2015-5237 and CVE-2024-7254.

[2] Upgraded KV store server version from 4.2 to 7.0 for Splunk Enterprise 10.0 and 9.4 to remedy CVE-2024-7553 and CVE-2024-1351.

[3] Removed webpack from the Splunk Monitoring Console to remedy CVE-2022-46175, CVE-2022-37601, and CVE-2021-44906.

[4] Removed imports-loader from the Splunk Monitoring Console to remedy CVE-2022-37601.

[5] Applied the patch for CVE-2025-32415 to xmlschemas.c in libxml2 version 2.9.14. Remedied in 10.0.0.

[6] Remedied in 10.0.0.

[7] Upgraded curl to v8.14.1 to remedy CVE-2025-0167, CVE-2025-0725, CVE-2025-5025, and CVE-2025-4947. Remedied in 10.0.0.

Solution

Upgrade Splunk Enterprise to versions 10.0.1, 9.4.4, 9.3.6, 9.2.8, or higher.

Splunk is actively monitoring and patching Splunk Cloud Platform instances.

Product Status

| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk Enterprise | 10.0 | 10.0.0 | 10.0.1 |
| Splunk Enterprise | 9.4 | 9.4.0 to 9.4.3 | 9.4.4 |
| Splunk Enterprise | 9.3 | 9.3.0 to 9.3.5 | 9.3.6 |
| Splunk Enterprise | 9.2 | 9.2.0 to 9.2.7 | 9.2.8 |
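
The Product Status table applied to a host inventory, as an added example that is not part of Splunk's advisory. The host names, the inventory line format and the build strings are constructed assumptions; base versions the table does not list are reported as not-listed rather than guessed.

```python
import re

# Product Status table from this advisory: base version -> fix version.
FIXED_IN = {
    (10, 0): (10, 0, 1),
    (9, 4): (9, 4, 4),
    (9, 3): (9, 3, 6),
    (9, 2): (9, 2, 8),
}
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def classify(version_text):
    """Return (status, fix_version) for a Splunk Enterprise version string.

    status is 'affected', 'fixed', 'not-listed' (base version absent from the
    advisory's table, so the table says nothing about it) or 'unparsed'.
    """
    m = VERSION_RE.search(version_text)
    if not m:
        return ("unparsed", None)
    version = tuple(int(p) for p in m.groups())
    fix = FIXED_IN.get(version[:2])
    if fix is None:
        return ("not-listed", None)
    # Tuple comparison is numeric, so 9.3.10 sorts after 9.3.6.
    status = "affected" if version < fix else "fixed"
    return (status, ".".join(map(str, fix)))


def triage(inventory_lines):
    """Map host -> (status, fix_version) from 'host <version text>' lines."""
    report = {}
    for line in inventory_lines:
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        report[parts[0]] = classify(parts[1] if len(parts) > 1 else "")
    return report


# Constructed inventory: hypothetical hosts, placeholder build strings.
SAMPLE = [
    "idx-01  Splunk 9.4.3 (build 0000000000aa)",
    "sh-01   Splunk 10.0.1 (build 0000000000bb)",
    "hf-01   Splunk 9.3.10 (build 0000000000cc)",
    "old-01  Splunk 9.1.5 (build 0000000000dd)",
    "lab-01  version unknown",
]
```

Hosts reported as not-listed or unparsed need a manual check against the advisory rather than being treated as unaffected.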

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.