Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: spice (UTSA-2026-016591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016591 advisory. A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service CPU consumption by performing...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016617 advisory. When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even f...

Unity Linux 20.1060e / 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016673 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-rsa (UTSA-2026-016608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016608 advisory. It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher...

Unity Linux 20.1060e / 20.1070e Security Update: wildfly-elytron (UTSA-2026-016677)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016677 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: avalon-framework (UTSA-2026-016662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016662 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: mod_auth_openidc (UTSA-2026-016590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016590 advisory. modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users again...

Unity Linux 20.1070e Security Update: bluez (UTSA-2026-016764)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016764 advisory. BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in t...

Unity Linux 20.1070e Security Update: libEMF (UTSA-2026-016697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016697 advisory. ScaleViewPortExtEx in libemf.cpp in libEMF aka ECMA-234 Metafile Library 1.0.12 allows an integer overflow and denial of service via a crafted EMF file. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: logback (UTSA-2026-016687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016687 advisory. In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to...

Unity Linux 20.1060e / 20.1070e Security Update: datanucleus-api-jdo (UTSA-2026-016658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016658 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: aspell (UTSA-2026-016693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016693 advisory. objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

Unity Linux 20.1070e Security Update: xmlgraphics-commons (UTSA-2026-016739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016739 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016726 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: maven-shared-utils (UTSA-2026-016689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016689 advisory. In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection...

Unity Linux 20.1070e Security Update: netty (UTSA-2026-016700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016700 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016734)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016734 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-rails (UTSA-2026-016651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016651 advisory. A deserialization of untrusted data vulnernerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in...

Unity Linux 20.1060e / 20.1070e Security Update: derby (UTSA-2026-016640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016640 advisory. In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and...

Unity Linux 20.1070e Security Update: mutt (UTSA-2026-016745)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016745 advisory. Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line Tenable has extracted the preceding...