A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass

Read Time:25 Second

A vulnerability has been discovered in GitHub Enterprise Server (GHES), which could allow for authentication bypass. GHES is a popular platform for software developers. Organizations can build and store software applications using Git version control and automate deployment pipelines. Successful exploitation of this vulnerability could allow for an attacker to forge a SAML response to provision and/or gain access to a user with site administrator privileges. An attacker could then view, change, or delete data; or create new accounts with full user rights.

golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41

FEDORA-2025-0620fdebb6 Packages in this update: golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41 Update description: Fix for CVE-2024-52522 & CVE-2024-45338 Read More

January 5, 2025

Friday Squid Blogging: Anniversary Post

US Sanctions Chinese Cybersecurity Firm for Global Botnet Attacks

Atos Group Denies Space Bears’ Ransomware Attack Claims

ShredOS

Crypto Boss Extradited to Face $40bn Fraud Charges

DDoS Disrupts Japanese Mobile Giant Docomo

Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses

Apple Agrees $95M Settlement Over Siri Privacy Violations

US Confirms Russian GenAI Disinformation Op Targeted Election

A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass

golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41

mupdf-1.24.6-4.fc41

golang-github-aws-sdk-2-20250103-1.fc42 golang-github-rclone-gofakes3-0.0.3-1.fc42 rclone-1.68.2-1.fc42

suricata-7.0.8-1.el8

suricata-7.0.8-1.fc40

suricata-7.0.8-1.el9