diff --git a/data/osv/GO-2024-2730.json b/data/osv/GO-2024-2730.json
new file mode 100644
index 00000000..de82aa57
--- /dev/null
+++ b/data/osv/GO-2024-2730.json
@@ -0,0 +1,58 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2024-2730",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "related": [
+    "CVE-2024-3400"
+  ],
+  "summary": "Directory traversal in FilesystemStore in github.com/gorilla/sessions",
+  "details": "FilesystemStore does not sanitize the Session.ID value, making it vulnerable to directory traversal attacks. If an attacker has control over the contents of the session ID, this can be exploited to write to arbitrary files in the filesystem.\n\nPrograms which do not set session IDs explicitly, or which only set session IDs that will not be interpreted by the filesystem, are not vulnerable.",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/gorilla/sessions",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {
+        "imports": [
+          {
+            "path": "github.com/gorilla/sessions",
+            "symbols": [
+              "CookieStore.Get",
+              "FilesystemStore.Get",
+              "FilesystemStore.New",
+              "FilesystemStore.Save",
+              "FilesystemStore.erase",
+              "FilesystemStore.load",
+              "FilesystemStore.save",
+              "Registry.Get",
+              "Registry.Save",
+              "Save",
+              "Session.Save"
+            ]
+          }
+        ]
+      }
+    }
+  ],
+  "references": [
+    {
+      "type": "FIX",
+      "url": "https://github.com/gorilla/sessions/pull/274"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2024-2730"
+  }
+}
\ No newline at end of file
diff --git a/data/reports/GO-2024-2730.yaml b/data/reports/GO-2024-2730.yaml
new file mode 100644
index 00000000..ef88ca9f
--- /dev/null
+++ b/data/reports/GO-2024-2730.yaml
@@ -0,0 +1,37 @@
+id: GO-2024-2730
+modules:
+    - module: github.com/gorilla/sessions
+      vulnerable_at: 1.2.2
+      packages:
+        - package: github.com/gorilla/sessions
+          symbols:
+            - FilesystemStore.save
+            - FilesystemStore.load
+            - FilesystemStore.erase
+          derived_symbols:
+            - CookieStore.Get
+            - FilesystemStore.Get
+            - FilesystemStore.New
+            - FilesystemStore.Save
+            - Registry.Get
+            - Registry.Save
+            - Save
+            - Session.Save
+summary: Directory traversal in FilesystemStore in github.com/gorilla/sessions
+description: |-
+    FilesystemStore does not sanitize the Session.ID value,
+    making it vulnerable to directory traversal attacks.
+    If an attacker has control over the contents of the session ID,
+    this can be exploited to write to arbitrary files in the
+    filesystem.
+
+    Programs which do not set session IDs explicitly,
+    or which only set session IDs that will not be
+    interpreted by the filesystem, are not vulnerable.
+related:
+    - CVE-2024-3400
+references:
+    - fix: https://github.com/gorilla/sessions/pull/274
+source:
+    id: go-security-team
+    created: 2024-04-17T07:45:30.470362-07:00