CWE-1104 使用未维护的第三方组件
Use of Unmaintained Third Party Components
结构: Simple
Abstraction: Base
状态: Incomplete
被利用可能性: unkown
基本描述
The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.
扩展描述
Reliance on components that are no longer maintained can make it difficult or impossible to fix significant bugs, vulnerabilities, or quality issues. In effect, unmaintained code can become obsolete.
This issue makes it more difficult to maintain the software, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
相关缺陷
- cwe_Nature: ChildOf cwe_CWE_ID: 710 cwe_View_ID: 1000 cwe_Ordinal: Primary
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Other | Reduce Maintainability |