Unity Linux 20.1070e Security Update: bluez (UTSA-2026-016764)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016764 advisory. BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in t...

Unity Linux 20.1070e Security Update: mojarra (UTSA-2026-016756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016756 advisory. Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: google-gson (UTSA-2026-016683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016683 advisory. The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lea...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016773)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016773 advisory. An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is...

Unity Linux 20.1070e Security Update: gd (UTSA-2026-016717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016717 advisory. gdImageGd2Ptr in gdgd2.c in the GD Graphics Library aka LibGD through 2.3.2 has a double free. NOTE: the vendor's position is The GD2 image format is a proprietary...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-rsa (UTSA-2026-016608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016608 advisory. It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016612 advisory. When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memor...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016768)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016768 advisory. An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c allows a NULL pointer dereference. Tenable has extracted the preceding description block directly...

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016719 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: libupnp (UTSA-2026-016655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016655 advisory. Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer...

Unity Linux 20.1060e / 20.1070e Security Update: mybatis (UTSA-2026-016634)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016634 advisory. MyBatis before 3.5.6 mishandles deserialization of object streams. Tenable has extracted the preceding description block directly from the Unity Linux security...

Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016695 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016721 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016696 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: shadow (UTSA-2026-016733)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016733 advisory. shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory trees Tenable has extracted the preceding description block directly from...

Unity Linux 20.1070e Security Update: wildfly-common (UTSA-2026-016751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016751 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1070e Security Update: resteasy (UTSA-2026-016699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016699 advisory. JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could...

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-016743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016743 advisory. MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on...

Unity Linux 20.1070e Security Update: resteasy (UTSA-2026-016727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016727 advisory. A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when...

Unity Linux 20.1070e Security Update: nodejs-hawk (UTSA-2026-016758)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016758 advisory. Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response...