Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-014281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014281 advisory. Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-addressable (UTSA-2026-014268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014268 advisory. Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014276 advisory. jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whos...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-014302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014302 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, on...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-014301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014301 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fstrylockop in f2fswritecompressedpages to avoid...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libvpx (UTSA-2026-014289)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014289 advisory. Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014278 advisory. jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014292 advisory. A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MI...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014272 advisory. jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 f...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014264)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014264 advisory. jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-014283)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014283 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-014303)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014303 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014290 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-014270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014270 advisory. Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FFM port of the Tomcat Nativ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014267 advisory. The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-014266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014266 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens ...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-014300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014300 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-014294)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014294 advisory. GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014291)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014291 advisory. When the ngxmailauthhttpmodulemodule is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occu...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gdk-pixbuf2 (UTSA-2026-014288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014288 advisory. A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color compone...