In June 2018, the jetty project released fixes for several vulnerabilities announced that month. Puppet Enterprise 2018.1.5 and 2019.0.1 ship with an updated version of jetty that has addressed these vulnerabilities.
For more information about these vulnerabilities refer to jetty vulnerabilities table (https://www.eclipse.org/lists/jetty-announce/msg00123.html)
Affected software versions:
Resolved in: