Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: spice (UTSA-2026-016604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016604 advisory. Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE clie...

Unity Linux 20.1060e / 20.1070e Security Update: jackson (UTSA-2026-016674)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016674 advisory. A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus...

Unity Linux 20.1060e / 20.1070e Security Update: avalon-framework (UTSA-2026-016662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016662 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016769 advisory. An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016617 advisory. When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even f...

Unity Linux 20.1060e / 20.1070e Security Update: xmlbeans (UTSA-2026-016630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016630 advisory. The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include...

Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016692)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016692 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-jison (UTSA-2026-016653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016653 advisory. Insufficient input validation in npm package jison = 0.4.18 may lead to OS command injection attacks. Tenable has extracted the preceding description block directly...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-016594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016594 advisory. pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. Tenable has extracted the preceding description block directly from the Unity Lin...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Net-CIDR-Lite (UTSA-2026-016598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016598 advisory. The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which in some...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016734)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016734 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016771 advisory. An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsxvalloc macro that wraps malloc. Whe...

Unity Linux 20.1070e Security Update: netty (UTSA-2026-016700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016700 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016726 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: maven-shared-utils (UTSA-2026-016689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016689 advisory. In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection...

Unity Linux 20.1050e / 20.1070e Security Update: ed25519-java (UTSA-2026-016772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016772 advisory. The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential...

Unity Linux 20.1060e / 20.1070e Security Update: gd (UTSA-2026-016619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016619 advisory. The GD Graphics Library aka LibGD through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-rails (UTSA-2026-016644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016644 advisory. A client side enforcement of server side security vulnerability exists in rails 5.2.4.2 and rails 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length o...

Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016736 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016713 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...