THREATOPS
THREAT OPSThreat News › CVE-2026-59084: Apache Tomcat: EncryptInterceptor requirements not clearly documented

CVE-2026-59084: Apache Tomcat: EncryptInterceptor requirements not clearly documented

medoss_secPublished 2026-07-14

<p>Posted by Mark Thomas on Jul 14</p>Severity: low<br /> <br /> Affected versions:<br /> <br /> - Apache Tomcat 11.0.0-M1 through 11.0.23<br /> - Apache Tomcat 10.1.0-M1 through 10.1.56<br /> - Apache Tomcat 9.0.13 through 9.0.119<br /> - Apache Tomcat 8.5.38 through 8.5.100<br /> - Apache Tomcat 7.0.100 through 7.0.109<br /> <br /> Description:<br /> <br /> Insufficient Technical Documentation v

Indicators of compromise

Original source: https://seclists.org/oss-sec/2026/q3/138