GitHub Enterprise Server patches 10-outta-10 critical hole
May 22, 2024 at 03:35AM GitHub patched a critical security flaw in its Enterprise Server software with the release of version p3.13.0, impacting instances using SAML SSO authentication. The bug, CVE-2024-4985, allows attackers to gain admin privileges when encrypted assertions are enabled. Microsoft-owned GitHub learned about the flaw through its bug bounty program, rewarding the … Read more