CWE-1104

Use of Unmaintained Third Party Components

Base

Incomplete

Description

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

Parent Weaknesses (ChildOf)

CWE-1357: Reliance on Insufficiently Tru...

Common Consequences

Scope

Other

Impact

Reduce Maintainability, Varies by Context

CVE-2025-40906

Perl module for BSON serialization includes a component that reached end-of-life approximately five years previously, but has multiple vulnerabilities.

CVE-2024-35252

Closed-source cloud storage product includes an unmaintained third-party component that allows denial of service

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-1104

Use of Unmaintained Third Party Components

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms