data/reports: add 2 unreviewed reports

  - data/reports/GO-2024-3315.yaml
  - data/reports/GO-2024-3319.yaml

Fixes #3315
Fixes #3319

Change-Id: I9ae6853da756c96f07e3b9a24cf22546a034cf3e
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/634920
LUCI-TryBot-Result: Go LUCI <[email protected]>
Auto-Submit: Tatiana Bradley <[email protected]>
Reviewed-by: Zvonimir Pavlinovic <[email protected]>

Author: tatianab

data/osv/GO-2024-3315.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2024-3315",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2024-46455"
+  ],
+  "summary": "CVE-2024-46455 in github.com/Unstructured-IO/unstructured",
+  "details": "CVE-2024-46455 in github.com/Unstructured-IO/unstructured",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/Unstructured-IO/unstructured",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46455"
+    },
+    {
+      "type": "WEB",
+      "url": "https://binarysouljour.me/cve-2024-46455"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Unstructured-IO/unstructured/tree/0.14.2"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2024-3315",
+    "review_status": "UNREVIEWED"
+  }
+}

data/osv/GO-2024-3319.json

@@ -0,0 +1,43 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2024-3319",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "GHSA-vmg2-r3xv-r3xf"
+  ],
+  "summary": "Simulation of Wasmd message can cause crashing in github.com/CosmWasm/wasmd",
+  "details": "Simulation of Wasmd message can cause crashing in github.com/CosmWasm/wasmd",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/CosmWasm/wasmd",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.53.2"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/CosmWasm/wasmd/security/advisories/GHSA-vmg2-r3xv-r3xf"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2024-3319",
+    "review_status": "UNREVIEWED"
+  }
+}

data/reports/GO-2024-3315.yaml

@@ -0,0 +1,15 @@
+id: GO-2024-3315
+modules:
+    - module: github.com/Unstructured-IO/unstructured
+      vulnerable_at: 0.0.0-20241209234800-b981d7197f06
+summary: CVE-2024-46455 in github.com/Unstructured-IO/unstructured
+cves:
+    - CVE-2024-46455
+references:
+    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-46455
+    - web: https://binarysouljour.me/cve-2024-46455
+    - web: https://github.com/Unstructured-IO/unstructured/tree/0.14.2
+source:
+    id: CVE-2024-46455
+    created: 2024-12-10T16:09:51.018223-05:00
+review_status: UNREVIEWED

data/reports/GO-2024-3319.yaml

@@ -0,0 +1,15 @@
+id: GO-2024-3319
+modules:
+    - module: github.com/CosmWasm/wasmd
+      versions:
+        - fixed: 0.53.2
+      vulnerable_at: 0.53.1
+summary: Simulation of Wasmd message can cause crashing in github.com/CosmWasm/wasmd
+ghsas:
+    - GHSA-vmg2-r3xv-r3xf
+references:
+    - advisory: https://github.com/CosmWasm/wasmd/security/advisories/GHSA-vmg2-r3xv-r3xf
+source:
+    id: GHSA-vmg2-r3xv-r3xf
+    created: 2024-12-10T16:09:48.729483-05:00
+review_status: UNREVIEWED