Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000657 advisory. The ip6fragqueue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping...

BIT-GOLANG-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url

The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://::1/". IPv4 addresses and hostnames mus...

edk2: Infinite loop when parsing a PadN option in the Destination Options header

The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability...

OESA-2023-1360 c-ares security update

This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need to perform multiple Security Fixes: c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6...

DEBIAN-CVE-2022-27775

An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead...

DEBIAN-CVE-2003-0254

Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service CPU consumption by infinite loop when the FTP proxy server fails to create an IPv6 socket...