GitHub has fixed a maximum-severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4985, which impacts GitHub Enterprise Server (GHES) instances using SAML single sign-on (SSO) authentication. Exploiting the flaw would allow a threat actor to forge a SAML response and gain administrator privileges, providing unrestricted access to all of the instance's contents witho
![GitHub warns of SAML auth bypass flaw in Enterprise Server](https://cdn-ak-scissors.b.st-hatena.com/image/square/48e214e305dbc2daf812155c93eaa64730b0089d/height=288;version=1;width=512/https%3A%2F%2Fwww.bleepstatic.com%2Fcontent%2Fhl-images%2F2022%2F04%2F08%2FGitHub___headpic.jpg)