GitHub patches critical flaw in Enterprise Server for unauthorized instance access

GitHub has released security updates for its Enterprise Server (GHES) to fix multiple issues, including a critical bug (CVE-2024-9487) that could enable unauthorized access to an instance due to a regression from a previous vulnerability (CVE-2024-4985). The updates, in versions 3.14.2, 3.13.5, 3.12.10, and 3.11.16, also fix two other vulnerabilities (CVE-2024-9539 and a sensitive data exposure). The critical flaw allowed attackers to bypass SAML single sign-on (SSO) authentication, potentially leading to unauthorized user provisioning and access. GitHub urges organizations to update to the latest version to mitigate these security risks.
https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html