GMS-2022-47: Invalid URL generation in bitlyshortener

January 21, 2022

Due to a sudden upstream breaking change by Bitly, versions of bitlyshortener <0.6.0 generate invalid short URLs. All users are affected and must update immediately.

References

github.com/advisories/GHSA-rcrv-228c-gprj
github.com/impredicative/bitlyshortener/commit/b307d70bedf745305fa0dd3c5c600d8cb88d09b5
github.com/impredicative/bitlyshortener/releases/tag/0.6.0
github.com/impredicative/bitlyshortener/security/advisories/GHSA-rcrv-228c-gprj

Code Behaviors & Features

Detect and mitigate GMS-2022-47 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →