Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021476 advisory. gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0'...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021467 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads toa...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xnio (UTSA-2026-021490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021490 advisory. A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: bind (UTSA-2026-021471)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021471 advisory. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: google-oauth-java-client (UTSA-2026-021484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021484 advisory. The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: firebird (UTSA-2026-021466)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021466 advisory. Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021481 advisory. A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021477 advisory. A flaw was found in GLib, which is vulnerable to an integer overflow in the gstringinsertunichar function. When the position at which to insert the character is larg...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libpng (UTSA-2026-021494)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021494 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021480 advisory. A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: undertow (UTSA-2026-021479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021479 advisory. A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames can cause an OutOfMemoryError when the client sends a reque...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-lxml (UTSA-2026-021468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021468 advisory. lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: perl-File-Find-Rule (UTSA-2026-021485)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021485 advisory. File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2 argument...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021483 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: undertow (UTSA-2026-021493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021493 advisory. A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-021488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021488 advisory. In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.setcookie were not checked for...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: google-oauth-java-client (UTSA-2026-021491)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021491 advisory. PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorizatio...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021473)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021473 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed i...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nodejs-requirejs (UTSA-2026-021492)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021492 advisory. jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: git (UTSA-2026-021472)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021472 advisory. Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Sinc...