Unity Linux 20.1060e / 20.1070e Security Update: mybatis (UTSA-2026-016634)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016634 advisory. MyBatis before 3.5.6 mishandles deserialization of object streams. Tenable has extracted the preceding description block directly from the Unity Linux security...

Unity Linux 20.1060e / 20.1070e Security Update: gupnp (UTSA-2026-016639)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016639 advisory. An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick ...

Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016706)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016706 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016742 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016713 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: nettle (UTSA-2026-016616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016616 advisory. A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016711 advisory. Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests ...

Unity Linux 20.1060e / 20.1070e Security Update: openblas (UTSA-2026-016623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016623 advisory. An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version...

Unity Linux 20.1070e Security Update: libEMF (UTSA-2026-016698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016698 advisory. libEMF aka ECMA-234 Metafile Library through 1.0.11 allows a use-after-free. Tenable has extracted the preceding description block directly from the Unity Linux...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-getobject (UTSA-2026-016643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016643 advisory. Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-fstream (UTSA-2026-016675)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016675 advisory. fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file th...

Unity Linux 20.1060e / 20.1070e Security Update: avalon-logkit (UTSA-2026-016681)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016681 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: ganglia (UTSA-2026-016666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016666 advisory. ganglia-web aka Ganglia Web Frontend through 3.7.5 allows XSS via the header.php ce parameter. Tenable has extracted the preceding description block directly from th...

Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016721 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016724)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016724 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016725 advisory. It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non- default configurations. This could allows attackers with...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-hosted-git-info (UTSA-2026-016626)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016626 advisory. The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS via regular expression shortcutMatch in the fromUrl function in...

Unity Linux 20.1070e Security Update: mysql-connector-java (UTSA-2026-016694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016694 advisory. Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-016600)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016600 advisory. Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. Tenable has extracted the preceding description block directly from the Unity Linux security...

Unity Linux 20.1070e Security Update: festival (UTSA-2026-016710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016710 advisory. festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH,...