Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005312 advisory. REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-005327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005327 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary:...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005310 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: osbuild-composer (UTSA-2026-005317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005317 advisory. A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled input...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005324)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005324 advisory. Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser can accumulate unbounded data when a multipart...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: raptor2 (UTSA-2026-005330)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005330 advisory. In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath. Tenable has...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005309 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters certain errors, it logs a warning but...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: osbuild-composer (UTSA-2026-005319)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005319 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: cups (UTSA-2026-005326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005326 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sen...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005325 advisory. Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-craft...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-005265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005265 advisory. In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-005273)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005273 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescapefunction on 32-bit systems can cause an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: varnish (UTSA-2026-005271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005271 advisory. A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may resul...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gstreamer1-plugins-bad-free (UTSA-2026-005272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005272 advisory. GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-005264)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005264 advisory. In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, the getimagesize function may leak uninitialized...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005277 advisory. Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file Tenable has extracted t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: clickhouse (UTSA-2026-005268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005268 advisory. An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint usually listening on port 8123 by defaul...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: raptor2 (UTSA-2026-005274)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005274 advisory. In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath. Tenable has...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: varnish (UTSA-2026-005275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005275 advisory. Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests. Tenable has extracted the preceding description bloc...

Unity Linux 20.1070e Security Update: screen (UTSA-2026-005209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005209 advisory. A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be...