Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: osbuild-composer (UTSA-2026-005319)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005319 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005309 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters certain errors, it logs a warning but...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005315 advisory. Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: osbuild-composer (UTSA-2026-005329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005329 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Prior to 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: raptor2 (UTSA-2026-005330)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005330 advisory. In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath. Tenable has...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: osbuild-composer (UTSA-2026-005317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005317 advisory. A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled input...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005322 advisory. Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, Rack::RequestPOST reads the entire request body into memory for Content-Typ...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005316 advisory. Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffers the entire multipart preamble bytes befo...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005323 advisory. Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencod...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005311)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005311 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: cups (UTSA-2026-005326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005326 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sen...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005318 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: clickhouse (UTSA-2026-005307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005307 advisory. An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user with the ability to load data could cause a heap buffer overflow and crash the server...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005320)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005320 advisory. Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial o...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005305)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005305 advisory. Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005325 advisory. Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-craft...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005324)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005324 advisory. Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser can accumulate unbounded data when a multipart...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005276 advisory. MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service Tenable has extracted the preceding description block directl...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: varnish (UTSA-2026-005275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005275 advisory. Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests. Tenable has extracted the preceding description bloc...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005269 advisory. Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service Tenable has extracted the preceding description block directly from the Unity...