Cyber Web Spider Blog – News

Splunk Addresses Third-Party Package Vulnerabilities in Enterprise Versions

Posted on July 9, 2025 by CWS

Splunk has released critical security updates addressing multiple Common Vulnerabilities and Exposures (CVEs) in third-party packages across Enterprise versions 9.4.3, 9.3.5, 9.2.7, 9.1.10, and higher.

Published on July 7, 2025, these updates remediate high-severity vulnerabilities in critical components, including the setuptools, golang.org/x/crypto, OpenSSL, and libcurl packages, that could potentially compromise system security.

Key Takeaways
1. Splunk is addressing critical CVEs in third-party packages across Enterprise versions.
2. Updates include setuptools, golang.org/x/crypto, libcurl (10 CVEs), OpenSSL, and golang runtime components.
3. Upgrade to minimum versions: Enterprise 9.4.3, 9.3.5, 9.2.7, or 9.1.10.
4. All supported Enterprise versions receive appropriate security patches despite some component limitations in older versions.

Critical GoLang x/crypto Vulnerability

The security advisory identifies multiple critical and high-severity vulnerabilities requiring immediate attention.

The most critical vulnerability, CVE-2024-45337, with a severity rating of “Critical,” affects golang.org/x/crypto in the spl2-orchestrator component.

This flaw represents a high-severity weakness in the cryptographic implementations used by Go applications, potentially allowing attackers to compromise encrypted communications or bypass security controls.

The vulnerability specifically affects applications that use the golang.org/x/crypto package for cryptographic operations, including encryption, decryption, and secure key management.

In the context of Splunk Enterprise, this CVE affects the spl2-orchestrator component, which handles orchestration tasks within the Splunk platform.

High-Severity Flaws in Setuptools, GoLang, and Libcurl

High-severity vulnerabilities include CVE-2024-6345 in setuptools, CVE-2025-22869 in the golang.org/x/crypto id component, and multiple CVEs affecting golang packages in the Mongodump and Mongorestore utilities.

The libcurl package presents particularly concerning exposure, with upgrades addressing ten separate CVEs, including CVE-2024-0853, CVE-2024-2398, CVE-2024-2466, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2024-11053, CVE-2025-0167, and CVE-2025-0725.

These vulnerabilities span different severity levels, with most classified as high-risk, potentially allowing unauthorized access or system compromise.

| Package | Patched Version / Remediation | CVE ID(s) | Severity |
| --- | --- | --- | --- |
| setuptools | Upgraded to 70.0.0 | CVE-2024-6345 | High |
| golang.org/x/crypto (compsup) | Upgraded to 0.37.0 | CVE-2024-45337, CVE-2025-22869, CVE-2025-27414, CVE-2025-22868, CVE-2025-23387, CVE-2025-23389, CVE-2025-23388, CVE-2025-22952, CVE-2024-45338 | High |
| golang.org/x/crypto (id) | Upgraded to 0.36.0 | CVE-2025-22869 | High |
| golang.org/x/crypto (spl2-orchestrator) | Upgraded to 0.36.0 | CVE-2024-45337 | Critical |
| golang.org/x/net (compsup) | Upgraded to 0.39.0 | CVE-2024-45338 | Medium |
| golang.org/x/net (spl2-orchestrator) | Upgraded to 0.37.0 | CVE-2024-45338 | Medium |
| golang (Mongodump) | Upgraded to 1.24.2 | CVE-2025-22869, CVE-2025-27414, CVE-2025-22868, CVE-2025-23387, CVE-2025-23389, CVE-2025-23388, CVE-2025-22952, CVE-2024-45338, CVE-2025-22870 | High |
| golang (Mongorestore) | Upgraded to 1.24.2 | CVE-2025-22869, CVE-2025-27414, CVE-2025-22868, CVE-2025-23387, CVE-2025-23389, CVE-2025-23388, CVE-2025-22952, CVE-2024-45338, CVE-2025-22870 | High |
| golang (spl2-orchestrator) | Upgraded to 1.24.0 | Multiple CVEs | High |
| Beaker | Upgraded to 1.12.1 | CVE-2013-7489 | Medium |
| azure-storage-blob | Upgraded to 12.13.0 | CVE-2022-30187 | Medium |
| OpenSSL | Upgraded to 1.0.2zl | CVE-2024-13176 | Low |
| OpenSSL | Upgraded to 1.0.2zl | CVE-2024-9143 | Informational |
| libcurl | Upgraded to 8.11.1 | CVE-2024-0853, CVE-2024-2398, CVE-2024-2466, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2024-11053, CVE-2025-0167, CVE-2025-0725 | High |

Organizations should immediately upgrade to the following minimum versions: Splunk Enterprise 9.4.3 (from 9.4.0-9.4.2), 9.3.5 (from 9.3.0-9.3.4), 9.2.7 (from 9.2.0-9.2.6), or 9.1.10 (from 9.1.0-9.1.9).

It’s important to note that certain binaries like compsup are not present in 9.1.x versions, and spl2-orchestrator is absent from 9.3.x, 9.2.x, 9.1.x, and older versions.

Despite these version-specific limitations, all supported Enterprise versions receive appropriate security patches for their respective components, ensuring comprehensive protection across the deployment ecosystem.
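The upgrade guidance above, turned into a fleet triage check (an added example, not code from Splunk or from the original article): it compares reported versions numerically against the minimum fixed release for each branch, so that 9.1.9 is not mistaken for being newer than 9.1.10, and lists which of the named binaries that branch ships. The host names and version strings are constructed sample input, and the `SHIPS` table encodes only what the article's notes imply.

```python
import re

# Minimum fixed patch level per branch, as listed in the article.
FIXED_PATCH = {(9, 4): 3, (9, 3): 5, (9, 2): 7, (9, 1): 10}

# Branches that ship each binary, derived from the article's notes (assumption):
# compsup is not in 9.1.x; spl2-orchestrator is absent from 9.3.x and older.
SHIPS = {
    "compsup": {(9, 4), (9, 3), (9, 2)},
    "spl2-orchestrator": {(9, 4)},
}

def parse_version(text):
    """Extract (major, minor, patch) as integers from a reported version string."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\b", text)
    return tuple(int(g) for g in m.groups()) if m else None

def triage(version_text):
    """Classify one reported version against the article's minimum versions."""
    v = parse_version(version_text)
    if v is None:
        return {"status": "unparseable", "target": None, "components": []}
    branch = v[:2]
    if branch not in FIXED_PATCH:
        # The article gives no fixed release for this branch; review by hand.
        return {"status": "branch-not-listed", "target": None, "components": []}
    fixed = FIXED_PATCH[branch]
    comps = sorted(name for name, branches in SHIPS.items() if branch in branches)
    if v[2] >= fixed:  # integer comparison: 10 > 9, unlike string comparison
        return {"status": "patched", "target": None, "components": comps}
    target = f"{branch[0]}.{branch[1]}.{fixed}"
    return {"status": "upgrade", "target": target, "components": comps}

# Constructed inventory: host name -> version string as reported by the host.
INVENTORY = {
    "sh01": "Splunk 9.4.1",
    "idx01": "9.1.9",
    "idx02": "9.1.10",
    "hf01": "9.3.5",
    "old01": "8.2.12",
    "lab01": "unknown",
}

def report(inventory):
    """Return the triage result for every host in the inventory."""
    return {host: triage(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    for host, result in report(INVENTORY).items():
        print(host, result)
```
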
