Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Splunk Address Third-Party Packages Vulnerabilities in SOAR Versions

Posted on July 9, 2025July 9, 2025 By CWS

Splunk has launched vital safety updates addressing a number of vulnerabilities in third-party packages in SOAR variations 6.4.0 and 6.4. 

Printed on July 7, 2025, this complete safety replace remediates varied Widespread Vulnerabilities and Exposures (CVEs) starting from medium to vital severity ranges. 

The vulnerabilities have an effect on important elements, together with git, Django, cryptography libraries, and JavaScript packages, requiring quick consideration from safety directors managing Splunk SOAR deployments.

Key Takeaways1. Splunk addresses a number of vital CVEs together with CVE-2024-32002 (git) and CVE-2024-48949 (@babel/traverse) in SOAR variations 6.4.0 and 6.4.1.2. Third-party elements upgraded, together with Django, cryptography, jQuery DataTables, and wkhtml removing, protecting vulnerabilities from vital to medium severity.3. All SOAR 6.4 installations beneath model 6.4.1 should instantly improve to six.4.1 or increased.4. Unpatched vulnerabilities may allow unauthorized entry, code execution, and knowledge manipulation throughout the core SOAR infrastructure.

Crucial Vulnerabilities Addressed

The safety advisory identifies a number of critical-severity vulnerabilities that pose quick dangers to SOAR environments. 

CVE-2024-32002 is a vital severity vulnerability affecting the git bundle. This vulnerability was recognized in Splunk SOAR variations 6.4.0 and 6.4.1 and has been remediated by means of an improve to git model 2.48.1. 

The vital severity score signifies this vulnerability poses vital safety dangers and requires quick consideration from system directors.

CVE-2024-48949 represents one other vital severity vulnerability, particularly focusing on the @babel/traverse bundle. 

In Splunk SOAR model 6.4.0, this vulnerability was addressed by upgrading the bundle to model 7.26.7. 

Nonetheless, within the subsequent SOAR model 6.4.1, Splunk took the extra decisive method of fully eradicating the @babel/traverse bundle to remove the vulnerability completely.

Excessive-Severity Points

Excessive-severity vulnerabilities embrace CVE-2024-45230 in Django, CVE-2024-21538 in cross-spawn, CVE-2024-52804 in twister, CVE-2022-35583 wkhtml vulnerability, CVE-2024-6345 in Setuptools, CVE-2024-39338 in Axios JavaScript library and CVE-2024-49767 in Werkzeug WSGI utility library.

These vulnerabilities may doubtlessly enable unauthorized entry, code execution, or knowledge manipulation inside the SOAR surroundings.

PackagePatched Model / RemediationCVE ID(s)SeveritygitUpgrade to v2.48.1CVE-2024-32002Critical@babel/runtimeUpgraded to v7.26.10CVE-2025-27789MediumdjangoUpgraded to v4.2.20 in Automation BrokerCVE-2024-45230HighcryptographyUpgraded to v44.0.1CVE-2024-12797MediumpyOpenSSLUpgraded to v24.3.0CVE-2024-12797Mediumjquery.datatablesUpgraded to v1.13.11CVE-2020-28458, CVE-2021-23445HighDomPurifyUpgraded to v3.2.4CVE-2024-45801, CVE-2024-47875HighwkhtmlRemoved from Automation BrokerCVE-2022-35583Highcross-spawnUpgraded to v7.0.6CVE-2024-21538High@babel/traverseUpgraded to v7.26.7 (eliminated in v6.4.1)CVE-2024-48949CriticalsetuptoolsUpgraded to v75.5.0 (v6.4.0) / v78.1.0 (v6.4.1)CVE-2024-6345HighaxiosUpgraded to v1.7.9 (v6.4.0) / v1.8.3 (v6.4.1)CVE-2024-39338HighjinjaUpgraded to v3.1.4CVE-2024-34064MediumtornadoUpgraded to v6.4.2CVE-2024-52804Highavahi-daemonSet enable-wide-area to ‘no’ in configCVE-2024-52616MediumwerkzeugUpgraded to v3.0.6CVE-2024-49767High

Organizations should instantly improve to Splunk SOAR model 6.4.1 or increased to remediate all recognized vulnerabilities. 

The advisory impacts all SOAR base model 6.4 installations beneath 6.4.1, making this replace important for sustaining safety posture.

System directors ought to prioritize this replace because of the presence of a number of vital and high-severity CVEs. 

Organizations ought to schedule upkeep home windows promptly to deploy these vital safety patches and shield their SOAR environments from potential exploitation.

Assume like an Attacker, Mastering Endpoint Safety With Marcus Hutchins – Register Now

Cyber Security News Tags:Address, Packages, SOAR, Splunk, ThirdParty, Versions, Vulnerabilities

Post navigation

Previous Post: Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack
Next Post: DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware

Related Posts

glibc Vulnerability Exposes Millions of Linux Systems to Code Execution Attacks Cyber Security News
Google Vulnerability Let Attackers Access Any Google User Phone Number Cyber Security News
DuckDuckGo Rolls Out New Scam Blocker to Protect Users from Online Threats Cyber Security News
Evolution of DDoS Attacks Mitigation Strategies for 2025 Cyber Security News
10 Best Security Service Edge (SSE) Solutions Cyber Security News
25 Best Managed Security Service Providers (MSSP) Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • How to Monitor Your Identity on the Dark Web
  • Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability
  • OpenAI is to Launch a AI Web Browser in Coming Weeks
  • WordPress GravityForms Plugin Hacked to Include Malicious Code
  • First Rowhammer Attack Targeting NVIDIA GPUs

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • How to Monitor Your Identity on the Dark Web
  • Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability
  • OpenAI is to Launch a AI Web Browser in Coming Weeks
  • WordPress GravityForms Plugin Hacked to Include Malicious Code
  • First Rowhammer Attack Targeting NVIDIA GPUs

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News