Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016665 advisory. Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016773)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016773 advisory. An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016632)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016632 advisory. Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for full...

Unity Linux 20.1070e Security Update: wildfly-build-tools (UTSA-2026-016705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016705 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: gd (UTSA-2026-016663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016663 advisory. readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA...

Unity Linux 20.1060e / 20.1070e Security Update: xmlbeans (UTSA-2026-016630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016630 advisory. The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: hibernate4 (UTSA-2026-016599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016599 advisory. A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit...

Unity Linux 20.1070e Security Update: mx4j (UTSA-2026-016744)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016744 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: jdom2 (UTSA-2026-016676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016676 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Tenable has extracted the preceding...

Unity Linux 20.1070e Security Update: jackson-dataformats-binary (UTSA-2026-016707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016707 advisory. This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation o...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016672 advisory. Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attacke...

Unity Linux 20.1070e Security Update: mx4j (UTSA-2026-016714)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016714 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016771 advisory. An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsxvalloc macro that wraps malloc. Whe...

Unity Linux 20.1060e / 20.1070e Security Update: ganglia (UTSA-2026-016671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016671 advisory. ganglia-web aka Ganglia Web Frontend through 3.7.5 allows XSS via the header.php cs parameter. Tenable has extracted the preceding description block directly from th...

Unity Linux 20.1070e Security Update: undertow (UTSA-2026-016715)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016715 advisory. A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the Expect: 100-continue header may cause an out of memory error...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-016601)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016601 advisory. pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. Tenable has extracted the preceding description block...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-excon (UTSA-2026-016618)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016618 advisory. In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave da...

Unity Linux 20.1070e Security Update: gnome-shell (UTSA-2026-016740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016740 advisory. An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappea...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016609)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016609 advisory. Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest...

Unity Linux 20.1060e / 20.1070e Security Update: lynx (UTSA-2026-016667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016667 advisory. Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...