CVE-2026-59083 in TomcatИнформация

Сводка

по MITRE • 14.07.2026

Improper Handling of URL Encoding (Hex Encoding) vulnerability in Apache Tomcat's rewrite valve allowed security constraint bypass for some configurations.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.23, from 10.1.0-M1 through 10.1.56, from 9.0.0.M1 through 9.0.119, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected.

Users are recommended to upgrade to version 11.0.24, 10.1.57 or 9.0.120, which fix the issue.

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

Apache

Резервировать

02.07.2026

Раскрытие

14.07.2026

Модерация

принято

Вход

VDB-378266

EPSS

0.00156

KEV

Нет

Деятельности

Низкий

Источники

Might our Artificial Intelligence support you?

Check our Alexa App!