Unity Linux 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-017605)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017605 advisory. Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' Tenable has extracted the preceding description block directly from...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017711 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017515 advisory. In ParseMetaGeometry of MagickCore/geometry.c, image height and width calculations can lead to divide- by-zero conditions which also lead to undefined behavior. This...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017797 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.22 and prior. Easily exploitable...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: numpy (UTSA-2026-017404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017404 advisory. Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows...

Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017660)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017660 advisory. In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Edition, as...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017479 advisory. A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other...

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017420 advisory. An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequence...

Unity Linux 20.1060e / 20.1070e Security Update: flatpak (UTSA-2026-017590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017590 advisory. Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017456 advisory. Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.26 and prior. Difficult to explo...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-puma (UTSA-2026-017512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017512 advisory. In Puma RubyGem before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma...

Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017566)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017566 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: libX11 (UTSA-2026-017540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017540 advisory. LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017522 advisory. TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for dc:format=\image/dng\ within profile due to improper stri...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017642 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017550 advisory. An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017669 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.22 and prior. Easily...

Unity Linux 20.1070e Security Update: jetty (UTSA-2026-017755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017755 advisory. In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. Tenable ha...

Unity Linux 20.1070e Security Update: ImageMagick (UTSA-2026-017464)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017464 advisory. ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and...

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017518 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...