Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017358 advisory. defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Uni...

Unity Linux 20.1070e Security Update: gstreamer1-plugins-good (UTSA-2026-017384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017384 advisory. DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gstmatroskadecompressdata function which...

Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017366)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017366 advisory. On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in...

Unity Linux 20.1050e / 20.1070e Security Update: golang (UTSA-2026-016809)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016809 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. Tenable has extracted the preceding description block directly from t...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017357)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017357 advisory. lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity Linux...

Unity Linux 20.1070e Security Update: varnish (UTSA-2026-017377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017377 advisory. In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x before...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016822)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016822 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. Tenable has extracted the preceding...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016814 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016812)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016812 advisory. Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as a=...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016811 advisory. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016818)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016818 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016784 advisory. A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-017347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017347 advisory. A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-017343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017343 advisory. An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016805)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016805 advisory. Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected...

Unity Linux 20.1050e / 20.1070e Security Update: etcd (UTSA-2026-016819)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016819 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. Tenable has extracted the preceding...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2026-016820)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016820 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-017335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017335 advisory. An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-016799)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016799 advisory. libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017351 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too fe...