0--catalina.jar00-/usr/local/tomcat/lib/catalina.jarFALLBACK-6d41295611CVE-2026-29146: LanguageSpecificPackageVulnerability Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor wit ... For additional help see: **Vulnerability CVE-2026-29146** | Severity | Package | Fixed Version | Link | | --- | --- | --- | --- | |HIGH|org.apache.tomcat:tomcat-catalina|9.0.116, 10.1.53, 11.0.19|[CVE-2026-29146](https://avd.aquasec.com/nvd/cve-2026-29146)| Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to version 11.0.19, 10.1.53 and 9.0.116, which fixes the issue. Package: org.apache.tomcat:tomcat-catalina Installed Version: 9.0.115 Vulnerability CVE-2026-29146 Severity: HIGH Fixed Version: 9.0.116, 10.1.53, 11.0.19 Link: [CVE-2026-29146](https://avd.aquasec.com/nvd/cve-2026-29146)trivyTrivy Security Scanner-1398HIGHcatalina.jar(1,0): CVE-2026-29146: : CVE-2026-29146: LanguageSpecificPackageVulnerability Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor wit ... For additional help see: **Vulnerability CVE-2026-29146** | Severity | Package | Fixed Version | Link | | --- | --- | --- | --- | |HIGH|org.apache.tomcat:tomcat-catalina|9.0.116, 10.1.53, 11.0.19|[CVE-2026-29146](https://avd.aquasec.com/nvd/cve-2026-29146)| Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to version 11.0.19, 10.1.53 and 9.0.116, which fixes the issue. Package: org.apache.tomcat:tomcat-catalina Installed Version: 9.0.115 Vulnerability CVE-2026-29146 Severity: HIGH Fixed Version: 9.0.116, 10.1.53, 11.0.19 Link: [CVE-2026-29146](https://avd.aquasec.com/nvd/cve-2026-29146)CVE-2026-2914611 warning (high: 1)