We have migrated from 4.0 to 5.1 due to a scan that reported vulnerabilities from Tomcat. I know that there was a fork and now Jboss does not directly map to a Tomcat version as of Tomcat 6.015? I think I saw. So with that said are these vulnerabilities: http://tomcat.apache.org/security-6.html
That were not fixed til 6.0.20 fixed in 5.1?
Is there a list like this of any known vulnerabilities. I have not been able to find such a list.