x/vulndb: potential Go vuln in github.com/gophish/gophish: CVE-2022-45003

[GoVulnBot]

CVE-2022-45003 references github.com/gophish/gophish, which may be a Go module.

Description:
Gophish through 0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted payload involving autofocus.

References:

• NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-45003
• JSON: https://github.com/CVEProject/cvelist/tree/62be7ee36f0eead443ed7698fa19b4bd5afe10ad/2022/45xxx/CVE-2022-45003.json
• web: https://github.com/gophish/gophish/releases/tag/v0.12.1
• web: https://pastebin.com/z5MD3z8c
• Imported by: https://pkg.go.dev/github.com/gophish/gophish?tab=importedby

Cross references:

• Module github.com/gophish/gophish appears in issue x/vulndb: potential Go vuln in github.com/gophish/gophish: CVE-2022-25295 #987 NOT_IMPORTABLE

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: github.com/gophish/gophish
    packages:
      - package: n/a
description: |
    Gophish through 0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted payload involving autofocus.
cves:
  - CVE-2022-45003
references:
  - web: https://github.com/gophish/gophish/releases/tag/v0.12.1
  - web: https://pastebin.com/z5MD3z8c

[gopherbot]

Change https://go.dev/cl/478875 mentions this issue: data/excluded: batch add excluded reports

[gopherbot]

Change https://go.dev/cl/479297 mentions this issue: data/excluded: batch add GO-2023-1674, GO-2023-1671, GO-2023-1670, GO-2023-1669, GO-2023-1668, GO-2023-1667, GO-2023-1662, GO-2023-1661, GO-2023-1660, GO-2023-1659, GO-2023-1658, GO-2023-1657, GO-2023-1656, GO-2023-1655, GO-2023-1654, GO-2023-1653, GO-2023-1673, GO-2023-1666, GO-2023-1665

[gopherbot]

Change https://go.dev/cl/592760 mentions this issue: data/reports: unexclude 75 reports