CWE-1104βUse of Unmaintained Third Party Components
PUBLISHEDweakness record
released 2019-01-03 Β· last modified 2026-04-30
Metadata
- CWE ID:
- CWE-1104
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Release Date:
- 2019-01-03
- Latest Modification Date:
- 2026-04-30
Weakness Name
Use of Unmaintained Third Party Components
Description
The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.
Common Consequences
- Scope:
- Other
- Impact:
- Reduce Maintainability, Varies by Context
- Notes:
- Relying on unmaintained components makes it difficult or impossible to fix significant bugs and vulnerabilities, can render code obsolete, and undermine security by complicating maintenance and increasing the risk of new vulnerabilities.