Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017609)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017609 advisory. In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device i...

Unity Linux 20.1070e Security Update: SDL2 (UTSA-2026-017800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017800 advisory. SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-017486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017486 advisory. Pillow before 8.1.2 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not properly checked for an IC...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017707 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olinkdecode in H5Olink.c. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017566)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017566 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017522 advisory. TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for dc:format=\image/dng\ within profile due to improper stri...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017608 advisory. A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form...

Unity Linux 20.1060e / 20.1070e Security Update: flatpak (UTSA-2026-017590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017590 advisory. Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017667 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.22 and prior. Easily exploitable...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017440)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017440 advisory. Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerabili...

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017589 advisory. When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-jinja2 (UTSA-2026-017474)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017474 advisory. This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the punctuationre regex operator and its use of multiple...

Unity Linux 20.1060e / 20.1070e Security Update: libssh (UTSA-2026-017426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017426 advisory. A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is...

Unity Linux 20.1060e / 20.1070e Security Update: haproxy (UTSA-2026-017418)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017418 advisory. An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017722)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017722 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017506)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017506 advisory. A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in...

Unity Linux 20.1060e / 20.1070e Security Update: sane-backends (UTSA-2026-017583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017583 advisory. An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, su...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs (UTSA-2026-017558)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017558 advisory. Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017678 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior...

Unity Linux 20.1070e Security Update: opensc (UTSA-2026-017704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017704 advisory. The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit. Tenable has extracted the...