Unity Linux 20.1070e Security Update: expat (UTSA-2026-006167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006167 advisory. In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data. Tenable has extracted the preceding description block...

Unity Linux 20.1070e Security Update: exiv2 (UTSA-2026-006187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006187 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1070a Security Update: bpftrace (UTSA-2026-006195)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006195 advisory. If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xorg-x11-server (UTSA-2026-006172)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006172 advisory. A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006151)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006151 advisory. When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-006147)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006147 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-006143)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006143 advisory. Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code poin...

Unity Linux 20.1070e Security Update: fontforge (UTSA-2026-006171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006171 advisory. FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8. Tenable has extracted the preceding description block directly from the Uni...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-006142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006142 advisory. An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: grafana-pcp (UTSA-2026-006194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006194 advisory. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is us...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006188 advisory. A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader...

Unity Linux 20.1070e Security Update: alsa-lib (UTSA-2026-006158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006158 advisory. alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: grafana-pcp (UTSA-2026-006199)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006199 advisory. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake...

Unity Linux 20.1070a Security Update: binutils (UTSA-2026-006196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006196 advisory. A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file binutils/objcopy.c...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-006136)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006136 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-urllib3 (UTSA-2026-006146)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006146 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks...

Unity Linux 20.1060e / 20.1070e Security Update: erlang (UTSA-2026-006131)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006131 advisory. Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an...

Unity Linux 20.1070e Security Update: python-django (UTSA-2026-006130)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006130 advisory. An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: raptor2 (UTSA-2026-006052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006052 advisory. In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptorntriplesparseterminternal...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-rack (UTSA-2026-005939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005939 advisory. Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit th...