Is CA Embedded Entitlements Manager (EEM) impacted by these vulnerabilities were found in the libcurl librar, CVE-2023-38545 & CVE-2023-38546?

NOTE: Not affected versions of libcurl are: <7.69.0 and >=8.4.0

Versions 12.6.3.0, 12.6.4.0, 12.6.5.0, 12.6.6.0

CVE-2023-38545 - Based on the initial review on the usage of the libcurl, EEM is not using SOCKS5 proxy for connecting to remote hosts. While the version used is vulnerable, they are not exploitable since SOCKS5 proxy is not enabled.

CVE-2023-38546 - EEM is not impacted by CVE-2023-38546. EEM's use of the libcurl API does not meet the specific set of conditions that would allow an attacker to exploit this vulnerability.