USN-8385-1
- Source
- https://ubuntu.com/security/notices/USN-8385-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-8385-1
- Upstream
- Related
- Published
- 2026-06-04T13:59:44Z
- Modified
- 2026-06-04T23:03:42.629564035Z
- Summary
- robocode vulnerabilities
- Details
-
It was discovered that Robocode could be tricked into making network requests to attacker-controlled systems. An attacker could possibly use this issue to cause external service interaction, resulting in information disclosure. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-10648)
Lim Sim Yee discovered that Robocode did not properly validate file paths in the CacheCleaner component. An attacker could possibly use this issue to delete arbitrary files. (CVE-2025-14306)
Lim Sim Yee discovered that Robocode did not securely create temporary files in the AutoExtract component. An attacker could possibly use this issue to manipulate temporary files, resulting in arbitrary code execution. (CVE-2025-14307)
Lim Sim Yee discovered that Robocode did not properly validate data lengths in the Buffer class. An attacker could possibly use this issue to trigger an integer overflow, resulting in arbitrary code execution. (CVE-2025-14308)
- References
Affected packages
Ubuntu:Pro:16.04:LTS
robocode
Package
- Name
- robocode
- Purl
- pkg:deb/ubuntu/robocode?arch=source&distro=esm-apps-legacy%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.2.5-2ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.9.2.5-2ubuntu0.1~esm1",
"binary_name": "robocode"
}
]
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json"
cves_map
{
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"cves": [
{
"id": "CVE-2019-10648",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14306",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14307",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14308",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:Pro:18.04:LTS
robocode
Package
- Name
- robocode
- Purl
- pkg:deb/ubuntu/robocode?arch=source&distro=esm-apps%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.3.1-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.9.3.1-1ubuntu0.1~esm1",
"binary_name": "robocode"
}
]
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json"
cves_map
{
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"cves": [
{
"id": "CVE-2019-10648",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14306",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14307",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14308",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:Pro:20.04:LTS
robocode
Package
- Name
- robocode
- Purl
- pkg:deb/ubuntu/robocode?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.3.7-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.9.3.7-1ubuntu0.1~esm1",
"binary_name": "robocode"
}
]
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json"
cves_map
{
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"cves": [
{
"id": "CVE-2025-14306",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14307",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14308",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:Pro:22.04:LTS
robocode
Package
- Name
- robocode
- Purl
- pkg:deb/ubuntu/robocode?arch=source&distro=esm-apps%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.3.9-2ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.9.3.9-2ubuntu0.1~esm1",
"binary_name": "robocode"
}
]
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json"
cves_map
{
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"cves": [
{
"id": "CVE-2025-14306",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14307",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14308",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:Pro:24.04:LTS
robocode
Package
- Name
- robocode
- Purl
- pkg:deb/ubuntu/robocode?arch=source&distro=esm-apps%2Fnoble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.3.9-3ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.9.3.9-3ubuntu0.1~esm1",
"binary_name": "robocode"
}
]
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json"
cves_map
{
"ecosystem": "Ubuntu:Pro:24.04:LTS",
"cves": [
{
"id": "CVE-2025-14306",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14307",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14308",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:Pro:26.04:LTS
robocode
Package
- Name
- robocode
- Purl
- pkg:deb/ubuntu/robocode?arch=source&distro=esm-apps%2Fresolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.3.9-4ubuntu0.26.04.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.9.3.9-4ubuntu0.26.04.1~esm1",
"binary_name": "robocode"
}
]
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8385-1.json"
cves_map
{
"ecosystem": "Ubuntu:Pro:26.04:LTS",
"cves": [
{
"id": "CVE-2025-14306",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14307",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-14308",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}