Unity Linux 20.1060e / 20.1070e Security Update: rubygem-websocket-extensions (UTSA-2026-016659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016659 advisory. websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a head...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-addressable (UTSA-2026-016622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016622 advisory. Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability...

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016766 advisory. In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

Unity Linux 20.1060e / 20.1070e Security Update: PackageKit (UTSA-2026-016629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016629 advisory. PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable ...

Unity Linux 20.1060e / 20.1070e Security Update: sphinx (UTSA-2026-016628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016628 advisory. SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal in conjunction with CVE-2019-14511 because the mysql client can be used for CALL...

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016719 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-016743)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016743 advisory. MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on...

Unity Linux 20.1070e Security Update: resteasy (UTSA-2026-016757)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016757 advisory. A cross-site scripting XSS flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the...

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016753)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016753 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1070e Security Update: jersey (UTSA-2026-016750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016750 advisory. Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFil...

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016741 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-minimist (UTSA-2026-016649)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016649 advisory. minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload. Tenable has extracted the...

Unity Linux 20.1070e Security Update: jboss-logging (UTSA-2026-016754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016754 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1070e Security Update: strongswan (UTSA-2026-016762)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016762 advisory. In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-kramdown (UTSA-2026-016633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016633 advisory. Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. Tenable has extracted th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-016594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016594 advisory. pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. Tenable has extracted the preceding description block directly from the Unity Lin...

Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-016642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016642 advisory. Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. Tenable has...

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016765 advisory. In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016696 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016647 advisory. As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them...