Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016595)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016595 advisory. The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service. Tenable has extracted the precedin...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-handlebars (UTSA-2026-016670)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016670 advisory. The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted...

Unity Linux 20.1070e Security Update: nekohtml (UTSA-2026-016755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016755 advisory. org.cyberneko.html is an html parser written in Java. The fork of org.cyberneko.html used by Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when...

Unity Linux 20.1060e / 20.1070e Security Update: avalon-framework (UTSA-2026-016685)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016685 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016686)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016686 advisory. Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a...

Unity Linux 20.1050e / 20.1070e Security Update: LibRaw (UTSA-2026-016597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016597 advisory. Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in...

Unity Linux 20.1060e / 20.1070e Security Update: gnome-autoar (UTSA-2026-016668)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016668 advisory. autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xmlrpc (UTSA-2026-016592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016592 advisory. An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious...

Unity Linux 20.1060e / 20.1070e Security Update: wildfly-common (UTSA-2026-016679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016679 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: nodejs-minimist (UTSA-2026-016760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016760 advisory. Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. Tenable has extracted the preceding description block directly...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-jison (UTSA-2026-016653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016653 advisory. Insufficient input validation in npm package jison = 0.4.18 may lead to OS command injection attacks. Tenable has extracted the preceding description block directly...

Unity Linux 20.1060e / 20.1070e Security Update: cifs-utils (UTSA-2026-016660)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016660 advisory. A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016769 advisory. An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically...

Unity Linux 20.1070e Security Update: mojarra (UTSA-2026-016756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016756 advisory. Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. Tenable has extracted the...

Unity Linux 20.1070e Security Update: rubygem-nokogiri (UTSA-2026-016729)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016729 advisory. Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue. Tenable has extracted the preceding...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016607 advisory. The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only version...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-underscore (UTSA-2026-016621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016621 advisory. The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function,...

Unity Linux 20.1060e / 20.1070e Security Update: google-gson (UTSA-2026-016683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016683 advisory. The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lea...

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016719 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: jersey (UTSA-2026-016750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016750 advisory. Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFil...