Overview Jenkins recently released updates for the critical memory corruption vulnerability (CVE-2019-17638) in the Jetty web server. Successful exploitation of this vulnerability may allow unauthenticated users to obtain sensitive information through HTTP response headers. Jenkins is typically run as a standalone application in its own process with the built-in Java servlet container or application server … Continue reading “Jenkins Server Memory Corruption Vulnerability (CVE-2019-17638)”