Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016512 advisory. Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016502 advisory. Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016501)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016501 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error inconvert.quoted-printable-decode filter certain data can lead to buffer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: squid (UTSA-2026-016517)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016517 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Deni...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016524)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016524 advisory. Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-016500)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016500 advisory. Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-craft...

Unity Linux 20.1050e / 20.1070e Security Update: OpenEXR (UTSA-2026-016503)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016503 advisory. An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service DoS via the convert function of...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016495 advisory. In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016513)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016513 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescapefunction on 32-bit systems can cause an...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016493 advisory. OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: runc (UTSA-2026-016515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016515 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked...

Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016497)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016497 advisory. The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: squid (UTSA-2026-016516)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016516 advisory. A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response head...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016496 advisory. In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016519)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016519 advisory. In PHP version 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, ifa password stored with passwordhash starts with a null byte \x00, testing a blank string ...

Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016489 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016522 advisory. Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel AtomR processors may allow a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016508)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016508 advisory. The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers Buf...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Module-ScanDeps (UTSA-2026-016505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016505 advisory. Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016523 advisory. Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some IntelR Processors may allow an authenticated user to...