Unity Linux 20.1050e / 20.1070e Security Update: perl-Net-CIDR-Lite (UTSA-2026-016598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016598 advisory. The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which in some...

Unity Linux 20.1060e / 20.1070e Security Update: xerces-c (UTSA-2026-016688)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016688 advisory. The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the...

Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016695 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: fluidsynth (UTSA-2026-016723)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016723 advisory. fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when...

Unity Linux 20.1060e / 20.1070e Security Update: openblas (UTSA-2026-016623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016623 advisory. An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version...

Unity Linux 20.1050e / 20.1070e Security Update: ed25519-java (UTSA-2026-016772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016772 advisory. The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential...

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016713 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016706)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016706 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: resteasy (UTSA-2026-016727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016727 advisory. A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-fstream (UTSA-2026-016675)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016675 advisory. fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file th...

Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016721 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: ganglia (UTSA-2026-016666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016666 advisory. ganglia-web aka Ganglia Web Frontend through 3.7.5 allows XSS via the header.php ce parameter. Tenable has extracted the preceding description block directly from th...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016711 advisory. Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests ...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-getobject (UTSA-2026-016643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016643 advisory. Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: nettle (UTSA-2026-016616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016616 advisory. A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve...

Unity Linux 20.1060e / 20.1070e Security Update: avalon-logkit (UTSA-2026-016681)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016681 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016724)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016724 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: spice-vdagent (UTSA-2026-016611)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016611 advisory. A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with acce...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016742 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1070e Security Update: quartz (UTSA-2026-016722)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016722 advisory. initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. Tenable has extracte...