https://community.checkpoint.com/t5/General-Topics/CVE-2023-38545-amp-CVE-2023-38546/m-p/194764#M32605 <P>More information about&nbsp;CVE-2023-38545 &amp; CVE-2023-38546 has been released.&nbsp;</P><P><A href="https://curl.se/docs/CVE-2023-38545.html" target="_blank">https://curl.se/docs/CVE-2023-38545.html</A></P><P>Has anyone had any update from CKP about this vulnerability in CURL_CLI or other CKP components?</P><P>&nbsp;</P> Wed, 11 Oct 2023 08:16:49 GMT StackCap43382 2023-10-11T08:16:49Z https://community.checkpoint.com/t5/General-Topics/CVE-2023-38545-amp-CVE-2023-38546/m-p/194764#M32605 <P>More information about&nbsp;CVE-2023-38545 &amp; CVE-2023-38546 has been released.&nbsp;</P><P><A href="https://curl.se/docs/CVE-2023-38545.html" target="_blank">https://curl.se/docs/CVE-2023-38545.html</A></P><P>Has anyone had any update from CKP about this vulnerability in CURL_CLI or other CKP components?</P><P>&nbsp;</P> Wed, 11 Oct 2023 08:16:49 GMT https://community.checkpoint.com/t5/General-Topics/CVE-2023-38545-amp-CVE-2023-38546/m-p/194764#M32605 StackCap43382 2023-10-11T08:16:49Z https://community.checkpoint.com/t5/General-Topics/CVE-2023-38545-amp-CVE-2023-38546/m-p/194833#M32617 <P>My unofficial take, just from reading, is that you'd probably need expert-level access to even exploit this...and leverage SOCKS5.<BR />We don't leverage SOCKS5 at all for any of our automated uses of this tool.<BR />That makes this vulnerability less of a concern and not something that requires an immediate patch.</P> <P>Meanwhile, I assume we are investigating this issue formally and will provide an SK soon.</P> Wed, 11 Oct 2023 14:53:01 GMT https://community.checkpoint.com/t5/General-Topics/CVE-2023-38545-amp-CVE-2023-38546/m-p/194833#M32617 PhoneBoy 2023-10-11T14:53:01Z