Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: pcs (UTSA-2026-006185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006185 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters certain errors, it logs a warning but...

Unity Linux 20.1070e Security Update: exiv2 (UTSA-2026-006187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006187 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: perl-JSON-XS (UTSA-2026-006133)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006133 advisory. JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006149 advisory. Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vims zip.vim plugin can allow overwriting of arbitrary files wh...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006155 advisory. Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow overwriting of arbitrary files wh...

Unity Linux 20.1070e Security Update: avahi (UTSA-2026-006159)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006159 advisory. Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xorg-x11-server (UTSA-2026-006172)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006172 advisory. A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when...

Unity Linux 20.1070e Security Update: fontforge (UTSA-2026-006171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006171 advisory. FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8. Tenable has extracted the preceding description block directly from the Uni...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-006167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006167 advisory. In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data. Tenable has extracted the preceding description block...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006176)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006176 advisory. Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xorg-x11-server (UTSA-2026-006181)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006181 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to...

Unity Linux 20.1070e Security Update: alsa-lib (UTSA-2026-006158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006158 advisory. alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: grafana-pcp (UTSA-2026-006194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006194 advisory. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is us...

Unity Linux 20.1070a Security Update: binutils (UTSA-2026-006200)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006200 advisory. A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006188 advisory. A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-006152)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006152 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgradi...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: grafana-pcp (UTSA-2026-006198)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006198 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006140 advisory. Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the :redir ex command to register, variables and files...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: grafana-pcp (UTSA-2026-006197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006197 advisory. The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the...

Unity Linux 20.1070e Security Update: avahi (UTSA-2026-006169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006169 advisory. Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by...