Amazon Linux 2023 : python3.13-filelock (ALAS2023-2026-1411)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1411 advisory. filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check- Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrar...

SUSE SLED15 / SLES15 Security Update : python-filelock (SUSE-SU-2026:0335-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0335-1 advisory. - CVE-2026-22701: Fixed TOCTOU race condition in SoftFileLock implementation of he filelock package bsc1256457 Tenable...

SUSE-SU-2026:0335-1 Security update for python-filelock

This update for python-filelock fixes the following issues: - CVE-2026-22701: Fixed TOCTOU race condition in SoftFileLock implementation of he filelock package bsc1256457...

OESA-2026-1239 python-filelock security update

This package contains a single module, which implements a platform independent file locking mechanism for Python. Security Fixes: filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of th...

filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock

...

CVE-2026-22701

filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...

CVE-2026-22701

filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...

CVE-2026-22701

Summary of CVE-2026-22701 (python-filelock) A TOCTOU race condition affects the SoftFileLock implementation in python-filelock prior to version 3.20.3. With local filesystem access and the ability to create symlinks, an attacker can exploit a race between the permission validation and file creati...

CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock

filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...

CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock

filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...

PT-2026-2251

Name of the Vulnerable Software and Affected Versions filelock versions prior to 3.20.3 Description A race condition exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a timing issue between...