data/reports: add GHSA for GO-2024-3333

tatianab · gopherbot · commit 035d5b8d91aa · 2024-12-20T12:37:27.000-08:00
- data/reports/GO-2024-3333.yaml Fixes #3333 Change-Id: I2588aac6e4d9d74145ad9558493562614b6f7c8c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/637959 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
diff --git a/data/osv/GO-2024-3333.json b/data/osv/GO-2024-3333.json
@@ -4,7 +4,8 @@
   "modified": "0001-01-01T00:00:00Z",
   "published": "0001-01-01T00:00:00Z",
   "aliases": [
-    "CVE-2024-45338"
+    "CVE-2024-45338",
+    "GHSA-w32m-9786-jp63"
   ],
   "summary": "Non-linear parsing of case-insensitive content in golang.org/x/net/html",
   "details": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
diff --git a/data/reports/GO-2024-3333.yaml b/data/reports/GO-2024-3333.yaml
@@ -21,6 +21,8 @@ description: |-
     An attacker can craft an input to the Parse functions that would be processed
     non-linearly with respect to its length, resulting in extremely slow parsing.
     This could cause a denial of service.
+ghsas:
+    - GHSA-w32m-9786-jp63
 credits:
     - Guido Vranken
 references:
