Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017351 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too fe...

DEBIAN-CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

AZL-10921 CVE-2022-40674 affecting package expat for versions less than 2.4.8-2

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

AZL-7157 CVE-2022-22823 affecting package expat for versions less than 2.4.3-1

buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...