InetAddress::getByName is a known exported API for performing name-to-address lookups. It returns the first address that was resolved. Internally, it calls InetAddress.getAllByName() and then takes the first element of the returned array. This array is provided by JDK-owned infrastructure, and as such, very little validation needs to be performed. With JEP 418, which allows for third-party SPIs, the returned data might no longer be as trusted as it was previously if a weakly implemented third-party resolver is in use. While there is some glue code around getAllByName() to try and prevent this, it might make sense for getByName() to perform some checking itself.
Recommendations
Check that getAllByName() does not return NULL and that the array contains at least one element.
public static InetAddress getByName(String host) throws UnknownHostException {
    // <-- should check that getAllByName() doesn't return null and that the array contains at least 1 element.
    return InetAddress.getAllByName(host)[0];
}
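One way the recommended check could look, as an added example that is not the JDK's code or a proposed patch. The `SafeLookup` class, the `Lookup` interface and `firstAddress` are hypothetical names; `Lookup` stands in for whatever supplies the address array, such as a third-party resolver, and the extra null check on the first element is an assumption beyond the recommendation above.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;

public final class SafeLookup {
    // Hypothetical stand-in for the source of the address array
    // (for example a resolver plugged in through the JEP 418 SPI).
    interface Lookup {
        InetAddress[] lookup(String host) throws UnknownHostException;
    }

    // Returns the first resolved address, treating a null array, an empty
    // array or a null first element as a failed lookup instead of letting
    // a NullPointerException or ArrayIndexOutOfBoundsException escape.
    static InetAddress firstAddress(String host, Lookup lookup)
            throws UnknownHostException {
        InetAddress[] addrs = lookup.lookup(host);
        if (addrs == null || addrs.length == 0 || addrs[0] == null) {
            throw new UnknownHostException(host + ": resolver returned no usable address");
        }
        return addrs[0];
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: a literal loopback address, no DNS query is made.
        InetAddress loopback =
                InetAddress.getByAddress("example.test", new byte[] {127, 0, 0, 1});

        // One well-behaved result followed by three malformed ones.
        Lookup[] cases = {
            h -> new InetAddress[] { loopback },
            h -> null,
            h -> new InetAddress[0],
            h -> new InetAddress[] { null },
        };

        for (Lookup c : cases) {
            try {
                System.out.println("ok: " + firstAddress("example.test", c));
            } catch (UnknownHostException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Callers of getByName() already have to handle UnknownHostException, so mapping malformed resolver output to that exception keeps the failure on a path they are written to expect.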