CWE-1104: Use of Unmaintained Third Party Components

BaseIncomplete

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

View on MITRE

Back to CWE Lookup

Extended Description

Reliance on components that are no longer maintained can make it difficult or impossible to fix significant bugs, vulnerabilities, or quality issues. In effect, unmaintained code can become obsolete. This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

Technical Details

Structure: Simple

Applicable To

Languages

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-1104

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references