Red Hat Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

  • Comments

    • Is Red Hat JBoss Web Server version 5 and 6 affected by CVE-2024-34750 Apache Tomcat venerability

    Posted on

    We are encountering CVE-2024-34750 with Apache Tomcat. Currently, we are using JBoss Web Server 5.6, which includes Apache Tomcat version 9.0.50.

    After researching the vulnerability, we found that upgrading Tomcat to version 9.0.90 is necessary. However, I noticed that JBoss Web Server 5.8 comes with Apache Tomcat version 9.0.87, which should address our issue.

    Upon reviewing JBoss Web Server 6, I discovered it includes Apache Tomcat version 10.1.8. However, to fully mitigate the CVE, we require Tomcat version 10.1.25.

    Please confirm if the mentioned CVE affects the JBoss Web Server.

    by

    points

    Responses

    Red Hat LinkedIn YouTube Facebook X, formerly Twitter

    Quick Links

    Help

    Site Info

    Related Sites

    © 2026 Red Hat