Unity Linux 20.1060e / 20.1070e Security Update: zstd (UTSA-2026-017635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017635 advisory. Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permission...

CVE-2026-35367

The CVE concerns the nohup utility from the uutils coreutils project, where nohup.out is created without explicit restricted permissions, causing it to inherit umask-based permissions (typically 0644) and become world-readable. This differs from GNU coreutils, which creates nohup.out with owner-o...

Linux Distros Unpatched Vulnerability : CVE-2026-35367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to...

SUSE CVE-2021-24032

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to...

ALPINE-CVE-2021-24031

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions matching the input would only be set at completion time. Output files could therefore be readable or writable to unintended parties...