The curl project has released details regarding CVE-2023-38545, a high-severity vulnerability found in curl and libcurl. Apollo Router, Apollo Client, Apollo Server, Apollo Kotlin, Apollo iOS, and Rover are not affected by this vulnerability as they do not rely on curl or utilize it exclusively with trusted domains. However, some containers in GraphOS Studio that comprise the project may include affected versions of curl, but Apollo does not use SOCKS5 proxies to manage traffic within its environment, which safeguards GraphOS from exposure to the vulnerability. Apollo is conducting an initial review of its projects to identify those that rely on curl and will provide updates as necessary. The company strongly advises customers to apply any available updates to curl as they become available and will promptly communicate any relevant updates or actions needed to address the vulnerability.