Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005345)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005345 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: busybox (UTSA-2026-005333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005333 advisory. In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. Tenable has extracted the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-005336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005336 advisory. A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-005341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005341 advisory. A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005339 advisory. Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005340 advisory. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-005346)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005346 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005337 advisory. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005347 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to caus...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005343 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: fastjson (UTSA-2026-005331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005331 advisory. The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: busybox (UTSA-2026-005338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005338 advisory. In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-005327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005327 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary:...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: poppler (UTSA-2026-005304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005304 advisory. Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005308)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005308 advisory. Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Racks media type parser to take much longer than expected, leading to a...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005310 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005306)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005306 advisory. Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: clickhouse (UTSA-2026-005321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005321 advisory. An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint usually listening on port 8123 by defaul...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005328 advisory. Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its paramslimit only for parameters separated by &, while still...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005312 advisory. REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The...