2022年1月7日02:50:57评论55 views字数 750阅读2分30秒阅读模式

CWE-1104 使用未维护的第三方组件

Use of Unmaintained Third Party Components

结构: Simple

Abstraction: Base

状态: Incomplete

被利用可能性: unkown

基本描述

The product relies on third-party components that are not
actively supported or maintained by the original developer or a trusted proxy
for the original developer.

扩展描述

Reliance on components that are no longer maintained can make it difficult or impossible to fix significant bugs, vulnerabilities, or quality issues. In effect, unmaintained code can become obsolete.

This issue makes it more difficult to maintain the software, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

常见的影响

范围	影响	注释
Other	Reduce Maintainability

文章来源于互联网:scap中文网

左青龙
微信扫一扫

右白虎
微信扫一扫

CWE-1104 使用未维护的第三方组件

CWE-1104 使用未维护的第三方组件

Use of Unmaintained Third Party Components

基本描述

扩展描述

相关缺陷

常见的影响

View-999: Weaknesses without Software Fault Patterns

View-884: CWE Cross-section

View-868: Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)

View-844: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)

View-809: Weaknesses in OWASP Top Ten (2010)

View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors

View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)

View-711: Weaknesses in OWASP Top Ten (2004)

View-709: Named Chains

发表评论

在线咨询

微信