Unity Linux 20.1070e Security Update: netty (UTSA-2026-016738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016738 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016603 advisory. Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of getext and authnvctr...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-kramdown (UTSA-2026-016646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016646 advisory. The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access such as...

Unity Linux 20.1060e / 20.1070e Security Update: apache-commons-io (UTSA-2026-016648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016648 advisory. In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like //../foo, or ..\foo, the result would be the...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016678 advisory. Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016732)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016732 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016647 advisory. As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-getobject (UTSA-2026-016643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016643 advisory. Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. Tenable has...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016607 advisory. The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only version...

Unity Linux 20.1070e Security Update: jackson-dataformats-binary (UTSA-2026-016707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016707 advisory. This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation o...

Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-016642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016642 advisory. Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016672 advisory. Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attacke...

Unity Linux 20.1060e / 20.1070e Security Update: jdom2 (UTSA-2026-016676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016676 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Tenable has extracted the preceding...

Unity Linux 20.1070e Security Update: mx4j (UTSA-2026-016744)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016744 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-bottle (UTSA-2026-016605)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016605 advisory. Bottle before 0.12.20 mishandles errors during early request binding. Tenable has extracted the preceding description block directly from the Unity Linux security...

Unity Linux 20.1050e / 20.1070e Security Update: LibRaw (UTSA-2026-016597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016597 advisory. Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in...

Unity Linux 20.1070e Security Update: mx4j (UTSA-2026-016714)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016714 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: spice (UTSA-2026-016591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016591 advisory. A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service CPU consumption by performing...

Unity Linux 20.1060e / 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016673 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: nodejs-minimist (UTSA-2026-016760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016760 advisory. Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. Tenable has extracted the preceding description block directly...