Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016490 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016523 advisory. Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some IntelR Processors may allow an authenticated user to...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Module-ScanDeps (UTSA-2026-016505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016505 advisory. Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016524)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016524 advisory. Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: squid (UTSA-2026-016517)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016517 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Deni...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016522 advisory. Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel AtomR processors may allow a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016513)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016513 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescapefunction on 32-bit systems can cause an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016509)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016509 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, when using streams with configured proxy and requestfulluri option, the URI is not proper...

Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016489 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016514 advisory. Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016512 advisory. Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the...

Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016497)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016497 advisory. The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: uboot-tools (UTSA-2026-016520)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016520 advisory. Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 3861aa5 up to today on any platform allows an attacker on the local...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: squid (UTSA-2026-016516)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016516 advisory. A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response head...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016495 advisory. In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the...

Unity Linux 20.1060e / 20.1070e Security Update: openssh (UTSA-2026-016487)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016487 advisory. OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

Unity Linux 20.1060e / 20.1070e Security Update: openssh (UTSA-2026-016484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016484 advisory. In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as...

Unity Linux 20.1060e / 20.1070e Security Update: openssh (UTSA-2026-016488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016488 advisory. OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted ...

Unity Linux 20.1060e / 20.1070e Security Update: openssh (UTSA-2026-016486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016486 advisory. OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. Tenable has extracted the preceding description block directly...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-016369)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016369 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 exce...