Red Hat JBoss EAP 6 · Version Status

Red Hat JBoss EAP 6 End of Life Date

Q: When does Red Hat JBoss EAP 6 reach end of life?

Red Hat JBoss EAP 6 reached end of life on June 30, 2019. This version is no longer receiving security patches.

Q: What should I upgrade to from Red Hat JBoss EAP 6?

The recommended upgrade from Red Hat JBoss EAP 6 is Red Hat JBoss EAP 8 — the latest actively supported version. Check the Red Hat JBoss EAP full timeline for all supported versions.

Red Hat JBoss EAP 6 end-of-life date, support status, and CVE risk. Data from endoflife.date and official vendor documentation.

EOL Date

Jun 30, 2019

2550 days past EOL

Latest Release

6.4.24

Standard release

Release Date

Jun 1, 2012

Red Hat JBoss EAP 6 series

← Red Hat JBoss EAP 5 All Red Hat JBoss EAP versions Red Hat JBoss EAP 7 →

Medium Risk

EOL Risk Score™ How is this calculated? →

EOL Recency

40/40

Attack Surface

10/30 Medium tier

CISA KEV Exposure

0/20 Not in KEV

Extended Support

0/10 Available

EOL Risk Score™ — proprietary methodology by endoflife.ai. Factors: EOL recency, attack surface breadth, CISA KEV catalog presence, extended support availability. Updated at every build. Methodology → · View score card →

Recommended upgrade path

Red Hat JBoss EAP 8

Latest release: 8.1.5 · EOL: Feb 5, 2031

View full Red Hat JBoss EAP timeline →

Extended Support

Extended Red Hat JBoss EAP 6 support is available

Commercial vendors offer security patches beyond EOL — compare your options.

Compare Options →

All Red Hat JBoss EAP Versions

Version	Latest	EOL Date	Status
4.2	4.2.0.CP09	Jun 30, 2012	EOL
4.3	4.3.0 CP10	Jan 31, 2013	EOL
5	5.2.0	Nov 30, 2016	EOL
→ 6	6.4.24	Jun 30, 2019	EOL
7	7.4.23	Jun 30, 2025	EOL
8	8.1.5	Feb 5, 2031	Active

What does Red Hat JBoss EAP 6 end of life mean?

When Red Hat JBoss EAP 6 reaches end of life, the maintainers stop issuing security patches for this version. CVEs discovered after the EOL date are publicly disclosed on the National Vulnerability Database with no patch available. Exploit code frequently appears on GitHub within days of disclosure.

The CVE blind spot: Most vulnerability scanners check for known CVEs but do not flag the ongoing accumulation of unpatched vulnerabilities in EOL software versions. Running Red Hat JBoss EAP 6 past its EOL date creates a permanently growing attack surface that standard security tooling will not surface.

Migrate to Red Hat JBoss EAP 8 or implement compensating controls — network segmentation, enhanced monitoring, restricted access — while migration is underway.

Frequently Asked Questions

When does Red Hat JBoss EAP 6 reach end of life?

Red Hat JBoss EAP 6 reached end of life on June 30, 2019. This version is no longer receiving security patches.

Is Red Hat JBoss EAP 6 still supported?

No. Red Hat JBoss EAP 6 reached end of life on June 30, 2019 and is no longer receiving security patches.

What should I upgrade to from Red Hat JBoss EAP 6?

The recommended upgrade from Red Hat JBoss EAP 6 is Red Hat JBoss EAP 8 — the latest actively supported version. Check the Red Hat JBoss EAP full timeline for all supported versions.

What are the security risks of running Red Hat JBoss EAP 6 past EOL?

When Red Hat JBoss EAP 6 reaches end of life, the maintainers stop issuing security patches. Any CVEs disclosed after the EOL date accumulate with no remediation path. Most vulnerability scanners do not flag this — it is the CVE blind spot. Organizations running EOL Red Hat JBoss EAP should migrate immediately or implement compensating controls.

Data from endoflife.date API · Generated at build time · How we source data →