Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported.
NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.
Package Name: net-misc/curl
Package Version: [cpe:/a:curl:curl:7.51.0 cpe:/a:curl:libcurl:7.51.0 cpe:/a:haxx:curl:7.51.0 cpe:/a:haxx:libcurl:7.51.0]
Advisory: CVE-2017-8816
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2017-8816
CVSS severity score: 7.5/10.0
Confidence: high
Description:
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Advisory: CVE-2017-8817
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2017-8817
CVSS severity score: 7.5/10.0
Confidence: high
Description:
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
Comment 1 by vapier@chromium.org, Dec 16 2017
Owner: mnissler@chromium.org
Status: Duplicate (was: Untriaged)