Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-014314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014314 advisory. GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: fontforge (UTSA-2026-014308)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014308 advisory. FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-014313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014313 advisory. GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affect...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014321 advisory. The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: fontforge (UTSA-2026-014309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014309 advisory. FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary cod...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: nghttp2 (UTSA-2026-014315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014315 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when use...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014318 advisory. When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues Tenable has...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014320)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014320 advisory. The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-014316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014316 advisory. GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-014295)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014295 advisory. GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-014301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014301 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fstrylockop in f2fswritecompressedpages to avoid...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014276 advisory. jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whos...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-addressable (UTSA-2026-014268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014268 advisory. Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014274)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014274 advisory. NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-014302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014302 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, on...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-014281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014281 advisory. Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014278 advisory. jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014292 advisory. A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MI...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014272 advisory. jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 f...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libvpx (UTSA-2026-014289)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014289 advisory. Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...