Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017678 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs (UTSA-2026-017558)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017558 advisory. Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and...

Unity Linux 20.1070e Security Update: opensc (UTSA-2026-017704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017704 advisory. The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: php (UTSA-2026-017496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017496 advisory. In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL wi...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017710 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5Ochunkdeserialize in H5Ocache.c. Tenable has extracted the preceding...

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017507 advisory. curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when libcurl is built to use...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017449 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit...

Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-017499)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017499 advisory. rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service mailbox unavailability by sending email messages with sequences of semicolon...

Unity Linux 20.1060e / 20.1070e Security Update: pdfbox (UTSA-2026-017627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017627 advisory. In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017716 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017780 advisory. A SIGFPE signal is raised in the function H5Dchunksetinforeal of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because o...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017666 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017696 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easi...

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017603 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

Unity Linux 20.1060e / 20.1070e Security Update: zstd (UTSA-2026-017635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017635 advisory. Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permission...

Unity Linux 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-017612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017612 advisory. When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers an...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017723)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017723 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...

Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017604 advisory. Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command...

Unity Linux 20.1060e / 20.1070e Security Update: rpm (UTSA-2026-017662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017662 advisory. A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017638 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2...