Commit 14821b7

remove incomplete issues, add completed ones
Signed-off-by: Nick Boldt <[email protected]>
1 parent 31ac184 commit 14821b7

2 files changed: +11 −12 lines changed
Lines changed: 9 additions & 4 deletions
@@ -1,5 +1,10 @@
11
# CVE number, affected package, fixed in version(s), JIRA
2-
CVE-2024-21534,jsonpath-plus,10.0.0,RHIDP-4440
3-
CVE-2024-47762,@backstage/plugin-app-backend,0.3.75,RHIDP-4321
4-
CVE-2024-45816,@backstage/plugin-techdocs-backend,1.10.13,RHIDP-4116
5-
CVE-2024-37890,ws,8.17.1||7.5.10||6.2.3||5.2.4,RHIDP-2733
2+
3+
# not yet fixed, built, or ready for release
4+
# CVE-2024-21534,jsonpath-plus,10.0.0,RHIDP-4440
5+
# CVE-2024-47762,@backstage/plugin-app-backend,0.3.75,RHIDP-4321
6+
# CVE-2024-45816,@backstage/plugin-techdocs-backend,1.10.13,RHIDP-4116
7+
# CVE-2024-37890,ws,8.17.1||7.5.10||6.2.3||5.2.4,RHIDP-2733
8+
9+
CVE-2024-45816,@backstage/plugin-techdocs-backend,1.10.13,RHIDP-4117
10+
CVE-2024-46976,@backstage/plugin-techdocs-backend,1.10.13,RHIDP-4114
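Review bot: CVE-2024-45816 now appears twice in this file under different JIRA keys, commented out as not yet fixed with RHIDP-4116 (line 6+) and active with RHIDP-4117 (line 9+), both for @backstage/plugin-techdocs-backend at 1.10.13. If the CVE is genuinely tracked by two JIRAs, a short comment beside the active row would stop the next reader from treating this as a copy-paste leftover; if not, one of the two rows should be dropped. The commented-out block depends on whatever consumes this CSV skipping `#` lines, which the existing header line already assumes, so that part is consistent; the two empty lines introduced at 2+ and 8+ are worth confirming against the same consumer.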
Lines changed: 2 additions & 8 deletions
@@ -1,13 +1,7 @@
11
= {product} dependency updates
22

3-
link:https://access.redhat.com/security/cve/CVE-2024-21534[CVE-2024-21534]::
4-
A flaw was found in jsonpath-plus. This vulnerability allows remote code execution via improper input sanitisation and unsafe default usage of the vm module in Node.js. Attackers can exploit this by executing arbitrary code through the unsafe use of the vm module in Node.js, which allows for malicious code injection. This issue occurs due to the way jsonpath-plus evaluates JSON paths using vm, a Node.js module that allows code execution. If user input is not properly sanitized, an attacker can craft JSON paths that execute dangerous commands, such as reading sensitive files.
5-
6-
link:https://access.redhat.com/security/cve/CVE-2024-37890[CVE-2024-37890]::
7-
A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of service.
8-
93
link:https://access.redhat.com/security/cve/CVE-2024-45816[CVE-2024-45816]::
104
A directory traversal vulnerability was found in the backstage/plugin-techdocs-backend package. When using the AWS S3 or GCS storage provider for TechDocs, it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks in Backstage.
115

12-
link:https://access.redhat.com/security/cve/CVE-2024-47762[CVE-2024-47762]::
13-
A flaw was found in the backstage/plugin-app-backend package. Configurations supplied through APP_CONFIG_* environment variables unexpectedly ignore the visibility defined in the configuration schema, potentially exposing sensitive configuration details intended to remain private or restricted to backend processes.
6+
link:https://access.redhat.com/security/cve/CVE-2024-46976[CVE-2024-46976]::
7+
A flaw was found in the backstage/plugin-techdocs-backend package. An attacker with control of the contents of the TechDocs storage buckets may be able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link.
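Review bot: the new CVE-2024-46976 entry (line 7+) does not state the version the fix ships in, although the CSV changed in this same commit records @backstage/plugin-techdocs-backend 1.10.13 for it, and the retained CVE-2024-45816 entry (line 4) has the same gap; since this section documents dependency updates, naming the fixed version would let readers verify the update they received. Minor wording on line 7+: "attacker provided link" should be hyphenated as "attacker-provided link". The removals of CVE-2024-21534, CVE-2024-37890 and CVE-2024-47762 match the rows commented out in the CSV, so the two files agree on what is and is not in this release.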