Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017367)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017367 advisory. Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017368 advisory. On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016815)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016815 advisory. The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this c...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-017329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017329 advisory. moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017379 advisory. xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. Tenable has extracted the preceding...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017381 advisory. In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString. Tenable has extracted the preceding description block directly from the Unity Linux...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: unixODBC (UTSA-2026-017328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017328 advisory. An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016821)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016821 advisory. Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-016804)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016804 advisory. A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines. Tenable has...

Unity Linux 20.1070e Security Update: rubygem-rack (UTSA-2026-017387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017387 advisory. A sequence injection vulnerability exists in Rack 2.0.9.1, 2.1.4.1 and 2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016794 advisory. An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. Th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-017349)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017349 advisory. A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls wit...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017359 advisory. addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-016813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016813 advisory. A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...

Unity Linux 20.1070e Security Update: xterm (UTSA-2026-017371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017371 advisory. xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in setsixel in graphicssixel.c via crafted text. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017361 advisory. nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-016801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016801 advisory. ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to...

Unity Linux 20.1050e / 20.1070e Security Update: python-jinja2 (UTSA-2026-017331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017331 advisory. Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that...

Unity Linux 20.1050e / 20.1070e Security Update: kubernetes (UTSA-2026-016795)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016795 advisory. spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled...

Unity Linux 20.1070e Security Update: aide (UTSA-2026-017376)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017376 advisory. AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buff...