CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Joomla! core 1.7.1 allows information disclosure due to weak encryption