131 matches found
UBUNTU-CVE-2026-22701
filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...
CVE-2026-22701
filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...
CVE-2026-22701
Summary of CVE-2026-22701 (python-filelock) A TOCTOU race condition affects the SoftFileLock implementation in python-filelock prior to version 3.20.3. With local filesystem access and the ability to create symlinks, an attacker can exploit a race between the permission validation and file creati...
CVE-2026-22701
filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...
CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...
filelock 安全漏洞
filelock is a Python file locker open source by tox development team. filelock version before 3.20.3 has a security vulnerability , the vulnerability stems from the SoftFileLock implementation of the existence of TOCTOU competition conditions , which may lead to locking operation failure or...
SUSE SLED15 / SLES15 Security Update : python-filelock (SUSE-SU-2026:0082-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0082-1 advisory. - CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc125524...
Linux Distros Unpatched Vulnerability : CVE-2026-22701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementatio...
SUSE-SU-2026:0082-1 Security update for python-filelock
This update for python-filelock fixes the following issues: - CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc1255244...
Security update for python-filelock
This update for python-filelock fixes the following issues: CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc1255244. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
python311-filelock-3.20.2-1.1 on GA media (moderate)
python311-filelock-3.20.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10010-1 Rating: moderate Cross-References: CVE-2025-68146 CVSS scores: CVE-2025-68146 SUSE : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2025-68146 SUSE : 5.7...
OPENSUSE-SU-2026:10010-1 python311-filelock-3.20.2-1.1 on GA media
These are all security issues fixed in the python311-filelock-3.20.2-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-2251
Name of the Vulnerable Software and Affected Versions filelock versions prior to 3.20.3 Description A race condition exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a timing issue between...
filelock has TOCTOU race condition that allows symlink attacks during lock file creation
...
SUSE CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146
A flaw was found in filelock. This vulnerability allows local attackers to corrupt or truncate arbitrary user files via a Time-of-Check-Time-of-Use TOCTOU race condition and symlink attacks. Mitigation Ensure lock file directories used by applications employing filelock have restrictive...
0x20bf (=0.0.1), 31 (=2.3.0) +4284 more potentially affected by CVE-2025-68146 via filelock (>=2.0.13 <=3.20.0)
filelock PYPI version =2.0.13, =0.0.3, =0.1.0, =1.0.5, =0.0.1b1, =0.2.3, =0.2.7 - ac-solver =0.1.0 - acceldata-o2a =1.0.0 and more Source cves: CVE-2025-68146 Source advisory: OSV:GHSA-W853-JP5J-5J7F...
0x20bf (=0.0.1), 31 (=2.3.0) +4281 more potentially affected by CVE-2025-68146 via filelock (>=3.0.10 <=3.20.0)
filelock PYPI version =3.0.10, =0.0.3, =0.1.0, =1.0.5, =0.0.1b1, =0.2.3, =0.2.7 - ac-solver =0.1.0 - acceldata-o2a =1.0.0 and more Source cves: CVE-2025-68146 Source advisory: SNYK:PYTHON-FILELOCK-14458335...
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition during lock file creation. An attacker can corrupt or truncate arbitrary files by exploiting a race condition between the existence check and file opening with OTRUNC, allowing the creatio...
EUVD-2025-203839
filelock has a TOCTOU race condition which allows symlink attacks during lock file creation...