Author
Yair Mizrahi, JFrog Security Research Team Leader
Word count
1255
Language
English

Summary

On October 11, 2023, Daniel Stenberg announced the release of Curl version 8.4.0, which addresses two vulnerabilities: a low-severity one (CVE-2023-38546) affecting libcurl, and a high-severity one (CVE-2023-38545) affecting both the Curl command-line tool and libcurl in versions 7.69.0 through 8.3.0. The high-severity vulnerability is a heap overflow in the SOCKS5 proxy code that could potentially allow remote code execution, although exploitation depends on specific conditions, such as using the socks5h scheme (remote hostname resolving by the proxy) for proxy connections. Mitigation is possible by switching to local hostname resolving; upgrading to Curl 8.4.0 is the complete fix. The JFrog DevOps platform is not susceptible to CVE-2023-38545 because it does not use SOCKS5 proxies with remote resolving, and JFrog's security tools can identify vulnerable Curl versions across codebases and Docker images.
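As an added example (not code from the JFrog post or the curl project), the following POSIX shell functions apply the two exposure conditions summarised above, the version range 7.69.0 through 8.3.0 and a proxy URL using the socks5h scheme, to a given curl version string and proxy setting; the version and proxy values are inputs you supply.

```shell
#!/bin/sh
# Added example: classify a curl build plus proxy configuration against the
# CVE-2023-38545 exposure conditions described above.
#   - affected versions: 7.69.0 .. 8.3.0 (fixed in 8.4.0)
#   - precondition: SOCKS5 proxy with remote hostname resolving (socks5h://)

# ver_key: map "MAJOR.MINOR.PATCH" to a comparable integer, e.g. 8.3.0 -> 8003000.
# A suffix such as "8.3.0-DEV" is tolerated: awk reads the numeric prefix of $3.
ver_key() {
    echo "$1" | awk -F. '{ printf "%d", $1*1000000 + $2*1000 + $3 }'
}

# curl_in_affected_range VERSION -> success when 7.69.0 <= VERSION <= 8.3.0
curl_in_affected_range() {
    k=$(ver_key "$1")
    [ "$k" -ge "$(ver_key 7.69.0)" ] && [ "$k" -le "$(ver_key 8.3.0)" ]
}

# proxy_uses_remote_resolve PROXY_URL -> success when the scheme asks the
# SOCKS5 proxy to resolve hostnames (socks5h://); socks5:// resolves locally
# and is the mitigation named above.
proxy_uses_remote_resolve() {
    case "$1" in
        socks5h://*) return 0 ;;
        *)           return 1 ;;
    esac
}

# cve_2023_38545_exposed VERSION PROXY_URL -> prints a verdict; success means exposed
cve_2023_38545_exposed() {
    if curl_in_affected_range "$1" && proxy_uses_remote_resolve "$2"; then
        echo "EXPOSED: curl $1 via $2 (upgrade to 8.4.0 or use socks5:// local resolving)"
        return 0
    fi
    echo "not exposed: curl $1 via $2"
    return 1
}

# Usage on the local machine: first token after "curl" on the version line,
# and the proxy configured in the environment (ALL_PROXY), if any.
# installed=$(curl --version | awk 'NR==1 {print $2}')
# cve_2023_38545_exposed "$installed" "${ALL_PROXY:-none}"
```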