CVE-2025-14307

EPSS 0.28%
Veröffentlicht 09.12.2025 07:29:52
Zuletzt bearbeitet 05.01.2026 16:19:07
Quelle cve_disclosure@tech.gov.sg
CVE-Watchlists
Login
Unerledigt
Login

Insecure Temporary File Creation in Robocode's AutoExtract Component

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files. This vulnerability can be exploited by manipulating the temporary file creation process, leading to potential unauthorized actions.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Robocode ≫ Robocode Version1.9.3.6

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.28%	0.192

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cve_disclosure@tech.gov.sg	9.3	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Red

CWE-377 Insecure Temporary File

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

https://github.com/robo-code/robocode/pull/68

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2025-14307

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-14307

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-14307

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-14307