2 matches found
CVE-2026-42527
CVE-2026-42527 describes a deserialization of untrusted data in Apache Camel. A permissive default ObjectInputFilter pattern (covering java., javax. , org.apache.camel.**) can serialize HashMap-like structures containing java.net.URL keys, causing DNS lookups as a side-channel via hashCode/equals...
PT-2019-11963
Name of the Vulnerable Software and Affected Versions Robocode versions prior to 1.9.3.6 Description The issue allows remote attackers to cause external service interaction, specifically DNS queries, by leveraging a .openStream call within java.net.URL. This can be demonstrated by a query for a...