OWASP CVEs for Using Components with Known Vulnerabilities in 2004