mini_httpd is a small webserver with optional SSL and IPv6 support.
mini_httpd does not properly check for shell escapes when parsing HTTP requests.
A remote attacker could send specially crafted HTTP requests, possibly resulting in execution of arbitrary code with the privileges of the process, or allowing for overwriting of files.
There is no known workaround at this time.
Gentoo discontinued support for mini_httpd. We recommend that users unmerge mini_httpd:
# emerge --unmerge "www-servers/mini_httpd"