OWASP CVEs for Using Components with Known Vulnerabilities in 1999