Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005362 advisory. In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset...

Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005367)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005367 advisory. In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by...

Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005364 advisory. In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msgdlmap.c by...

Unity Linux 20.1060e / 20.1070e Security Update: libsodium (UTSA-2026-005358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005358 advisory. libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for wheth...

CVE-2026-25918

unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2 , the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line arguments including --email and --password are output via...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005337 advisory. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-005341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005341 advisory. A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-rack (UTSA-2026-005348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005348 advisory. Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, Rack::Static can serve files under the specified...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005339 advisory. Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005345)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005345 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: busybox (UTSA-2026-005333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005333 advisory. In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. Tenable has extracted the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-005332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005332 advisory. A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulatio...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005343 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: fastjson (UTSA-2026-005331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005331 advisory. The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005347 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to caus...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-005336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005336 advisory. A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005340 advisory. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-005346)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005346 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: busybox (UTSA-2026-005338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005338 advisory. In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-005334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005334 advisory. Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client...