{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T16:50:03.000","vulnerabilities":[{"cve":{"id":"CVE-2023-45292","sourceIdentifier":"security@golang.org","published":"2023-12-11T22:15:06.677","lastModified":"2024-11-21T08:26:43.050","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct."},{"lang":"es","value":"Cuando se utiliza la implementación predeterminada de Verify para verificar un Captcha, se puede omitir la verificación. Por ejemplo, si el primer parámetro es una identificación inexistente, el segundo parámetro es una cadena vacía y el tercer parámetro es verdadero, la función siempre considerará que el Captcha es correcto."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mojotv:base64captcha:*:*:*:*:*:go:*:*","versionEndExcluding":"1.3.6","matchCriteriaId":"20EF9A8D-B33C-468E-9928-2E80A0C1EA00"}]}]}],"references":[{"url":"https://github.com/mojocn/base64Captcha/commit/5ab86bd6f333aad3936f912fc52b411168dcd4a7","source":"security@golang.org","tags":["Patch"]},{"url":"https://github.com/mojocn/base64Captcha/commit/9b11012caca58925f1e47c770f79f2fa47e3ad13","source":"security@golang.org","tags":["Patch"]},{"url":"https://github.com/mojocn/base64Captcha/issues/120","source":"security@golang.org","tags":["Exploit","Issue Tracking"]},{"url":"https://pkg.go.dev/vuln/GO-2023-2386","source":"security@golang.org","tags":["Third Party Advisory"]},{"url":"https://github.com/mojocn/base64Captcha/commit/5ab86bd6f333aad3936f912fc52b411168dcd4a7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/mojocn/base64Captcha/commit/9b11012caca58925f1e47c770f79f2fa47e3ad13","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/mojocn/base64Captcha/issues/120","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]},{"url":"https://pkg.go.dev/vuln/GO-2023-2386","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}