CVE-2019-10648
NONE
Published Mar 30, 20197y ago · Modified Jun 17, 20261w ago
Published Mar 30, 2019 7y ago
Last Modified Jun 17, 2026 1w ago
Description
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-862 Missing Authorization Authorization
Affected Products 2
References 2
- github.com https://github.com/robo-code/robocode/commit/836c84635e982e74f2f2771b2c8640c3a34221bd#diff-0296a8f9d4a509789f4dc4f052d9c36f
- sourceforge.net https://sourceforge.net/p/robocode/bugs/406/
Remediation
- github.com https://github.com/robo-code/robocode/commit/836c84635e982e74f2f2771b2c8640c3a34221bd#diff-0296a8f9d4a509789f4dc4f052d9c36f