data/reports: add GHSA for GO-2024-3333

- data/reports/GO-2024-3333.yaml Fixes #3333 Change-Id: I2588aac6e4d9d74145ad9558493562614b6f7c8c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/637959 LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Tatiana Bradley <[email protected]> Reviewed-by: Damien Neil <[email protected]>
golang · Dec 20, 2024 · 035d5b8 · 035d5b8
1 parent 625199c
commit 035d5b8
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/data/osv/GO-2024-3333.json b/data/osv/GO-2024-3333.json
@@ -4,7 +4,8 @@
   "modified": "0001-01-01T00:00:00Z",
   "published": "0001-01-01T00:00:00Z",
   "aliases": [
-    "CVE-2024-45338"
+    "CVE-2024-45338",
+    "GHSA-w32m-9786-jp63"
   ],
   "summary": "Non-linear parsing of case-insensitive content in golang.org/x/net/html",
   "details": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",

diff --git a/data/reports/GO-2024-3333.yaml b/data/reports/GO-2024-3333.yaml
@@ -21,6 +21,8 @@ description: |-
     An attacker can craft an input to the Parse functions that would be processed
     non-linearly with respect to its length, resulting in extremely slow parsing.
     This could cause a denial of service.
+ghsas:
+    - GHSA-w32m-9786-jp63
 credits:
     - Guido Vranken
 references: