Bleeping Computer

GitHub warns of SAML auth bypass flaw in Enterprise Server

GitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4985, which impacts GitHub Enterprise Server (GHES) instances using SAML single ...
Bleeping Computer

GitLab releases fix for critical SAML authentication bypass flaw

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE ...
Statetechmagazine

SAML: How It Works and How to Implement It

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...
CSOonline

SAML authentication broken almost beyond repair

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...
Dark Reading

GitHub Authentication Bypass Opens Enterprise Server to Attackers

A max-critical security vulnerability in GitHub's Enterprise Server could allow attackers to bypass authentication and obtain administrative privileges. The good news is that the bug (CVE-2024-4985, ...
BizTech

Understanding SAML: How It Works and How to Implement It

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...