Unity Linux 20.1060e / 20.1070e Security Update: datanucleus-api-jdo (UTSA-2026-016684)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016684 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016732)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016732 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016607 advisory. The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only version...

Unity Linux 20.1070e Security Update: rubygem-nokogiri (UTSA-2026-016729)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016729 advisory. Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue. Tenable has extracted the preceding...

Unity Linux 20.1060e / 20.1070e Security Update: mybatis (UTSA-2026-016669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016669 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: hibernate (UTSA-2026-016690)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016690 advisory. A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit...

Unity Linux 20.1070e Security Update: festival (UTSA-2026-016710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016710 advisory. festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH,...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016612 advisory. When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memor...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-underscore (UTSA-2026-016621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016621 advisory. The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xmlrpc (UTSA-2026-016592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016592 advisory. An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious...

Unity Linux 20.1060e / 20.1070e Security Update: wildfly-common (UTSA-2026-016679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016679 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: nodejs-minimist (UTSA-2026-016760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016760 advisory. Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. Tenable has extracted the preceding description block directly...

Unity Linux 20.1060e / 20.1070e Security Update: PackageKit (UTSA-2026-016629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016629 advisory. PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable ...

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016741 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: jersey (UTSA-2026-016750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016750 advisory. Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFil...

Unity Linux 20.1060e / 20.1070e Security Update: sphinx (UTSA-2026-016628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016628 advisory. SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal in conjunction with CVE-2019-14511 because the mysql client can be used for CALL...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-paramiko (UTSA-2026-016596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016596 advisory. In Paramiko before 2.10.1, a race condition between creation and chmod in the writeprivatekeyfile function could allow unauthorized information disclosure. Tenable h...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-minimist (UTSA-2026-016649)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016649 advisory. minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload. Tenable has extracted the...

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016766 advisory. In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

Unity Linux 20.1070e Security Update: jboss-logging (UTSA-2026-016754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016754 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...