Unity Linux 20.1070e Security Update: gradle (UTSA-2026-016763)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016763 advisory. The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the sam...

Unity Linux 20.1060e / 20.1070e Security Update: jboss-logging (UTSA-2026-016641)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016641 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-rsa (UTSA-2026-016608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016608 advisory. It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher...

Unity Linux 20.1060e / 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016673 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: spice (UTSA-2026-016591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016591 advisory. A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service CPU consumption by performing...

Unity Linux 20.1070e Security Update: undertow (UTSA-2026-016720)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016720 advisory. A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because...

Unity Linux 20.1070e Security Update: datanucleus-core (UTSA-2026-016709)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016709 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Unity Linux 20.1060e / 20.1070e Security Update: apache-commons-io (UTSA-2026-016648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016648 advisory. In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like //../foo, or ..\foo, the result would be the...

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016678 advisory. Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin...

Unity Linux 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016746 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1070e Security Update: libEMF (UTSA-2026-016701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016701 advisory. libEMF aka ECMA-234 Metafile Library through 1.0.11 allows denial of service issue 1 of 2. Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1070e Security Update: libEMF (UTSA-2026-016697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016697 advisory. ScaleViewPortExtEx in libemf.cpp in libEMF aka ECMA-234 Metafile Library 1.0.12 allows an integer overflow and denial of service via a crafted EMF file. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: datanucleus-api-jdo (UTSA-2026-016658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016658 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: logback (UTSA-2026-016687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016687 advisory. In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to...

Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016736 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-rails (UTSA-2026-016644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016644 advisory. A client side enforcement of server side security vulnerability exists in rails 5.2.4.2 and rails 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length o...

Unity Linux 20.1060e / 20.1070e Security Update: derby (UTSA-2026-016640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016640 advisory. In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-rails (UTSA-2026-016651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016651 advisory. A deserialization of untrusted data vulnernerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in...

Unity Linux 20.1070e Security Update: aspell (UTSA-2026-016693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016693 advisory. objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016734)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016734 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...