Jenkins—a popular open-source automation server software—published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed.

Tracked as CVE-2019-17638, the flaw has a CVSS rating of 9.4 and impacts Eclipse Jetty versions 9.4.27.v20200227 to 9.4.29.v20200521—a full-featured tool



Source: TheHackerNews
Source Link: http://feedproxy.google.com/~r/TheHackersNews/~3/CyvNVbkDzzE/jenkins-server-vulnerability.html