Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003046)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003046 advisory. An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops...

DEBIAN-CVE-2022-50306

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than EXT4FCTAGBASELEN which will lead to out of bound read when mounting corrupt file...

UBUNTU-CVE-2022-50306

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than EXT4FCTAGBASELEN which will lead to out of bound read when mounting corrupt file...

CVE-2025-57810 jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS)

jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG...

UBUNTU-CVE-2025-0927

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAPSYSADMIN in the initial user namespace. That includes delegated mounting...

CVE-2024-24792

CVE-2024-24792 affects the Go ecosystem, specifically the golang.org/x/image package. The vulnerability is triggered when parsing corrupt or malicious images with invalid color indices in palette-color images, causing a panic (crash). The connected sources confirm the issue name and affected comp...

DEBIAN-CVE-2018-10861

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected...

Oracle Linux 5 : Moderate: / gimp (ELSA-2007-0513)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0513 advisory. 1.2.3-20.9.el3 - validate bytesperline header field when loading PCX files 247570 1.2.3-20.8.el3 - reduce GIMPMAXIMAGESIZE to 2^18 to detect bogus imag...