131 matches found
CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
AZL-72739 CVE-2025-68146 affecting package python-filelock for versions less than 3.20.1-1
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
AZL-79232 CVE-2025-68146 affecting package python-filelock 3.0.12-13
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
UBUNTU-CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146
CVE-2025-68146 affects the Python filelock package. A TOCTOU race in lock file creation allows local attackers with filesystem access to exploit symlinks and truncate target files. The vulnerability exists in UnixFileLock and WindowsFileLock for versions before 3.20.1; an attacker can create a sy...
CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
CVE-2025-68146
filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...
PT-2025-51773
Name of the Vulnerable Software and Affected Versions filelock versions prior to 3.20.1 Description filelock is a platform-independent file lock for Python. A Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks...
filelock 安全漏洞
filelock is a Python file locker open-sourced by the tox development team. A security vulnerability exists in filelock versions prior to 3.20.1, which stems from the presence of a TOCTOU contention condition that could lead to arbitrary file corruption or truncation...
Linux Distros Unpatched Vulnerability : CVE-2025-68146
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check- Time-of-Use TOCTOU race condition allows local attackers...
CVE-2025-68146
creationtimestamp| type| source ---|---|--- 2025-12-15 23:55:35+00:00| published-proof-of-concept| https://github.com/tox-dev/filelock/security/advisories/GHSA-w853-jp5j-5j7f...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41020)
filelock: race condition vulnerability between fcntl and close operations, which can lead to issues in the recovery compatibility path. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990505)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990505 advisory. In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 filelock:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990295)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990295 advisory. In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 filelock:...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. CVE-2024-36484 In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-2024-39487 In the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: filelock: Removes locks reliably when a race between fcntl/close operations is detected. When the fcntlsetlk operation races with the close operation, the created lock is removed using dolockfilewait. However, LSMs may allow t...