Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported.
NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.
Package Name: net-vpn/openvpn
Package Version: [cpe:/a:openvpn:openvpn:2.4.2 cpe:/a:openvpn:openvpn:2.4.3]
Advisory: CVE-2017-7520
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2017-7520
CVSS severity score: 4/10.0
Confidence: high
Description:
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly a sensitive memory leak triggered by a man-in-the-middle attacker.
Advisory: CVE-2017-7521
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2017-7521
CVSS severity score: 4.3/10.0
Confidence: high
Description:
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and a double-free issue in extract_x509_extension().
Comment 1 by raymes@chromium.org, Jul 11 2017
Labels: Security_Severity-Medium Security_Impact-Stable
Owner: steve...@chromium.org
Status: Assigned (was: Untriaged)