CWE-1104β€”Use of Unmaintained Third Party Components

PUBLISHEDweakness record
released 2019-01-03 Β· last modified 2026-04-30
CWE-1104 - Use of Unmaintained Third Party Components - Diagram

Metadata

CWE ID:
CWE-1104
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2019-01-03
Latest Modification Date:
2026-04-30

Weakness Name

Use of Unmaintained Third Party Components

Description

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

Common Consequences

Scope:
Other
Impact:
Reduce Maintainability, Varies by Context
Notes:
Relying on unmaintained components makes it difficult or impossible to fix significant bugs and vulnerabilities, can render code obsolete, and undermine security by complicating maintenance and increasing the risk of new vulnerabilities.

Related Weaknesses