Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 10:58 a.m.11 views

Security Bulletin: TOCTOU Symlink Vulnerability in filelock, affects watsonx.data

Summary filelock versions prior to 3.20.1 are vulnerable to a Time-of-Check-Time-of-Use TOCTOU race condition. Local attackers can exploit this via symlinks to corrupt or truncate arbitrary files during lock creation on Unix, Linux, macOS, and Windows. The issue is fixed in version 3.20.1; partia...

6.5CVSS7.3AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 6:57 a.m.5 views

Security Bulletin: IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2025-68146.

Summary IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2025-68146. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a platform-independent file lock for Python. In version...

6.5CVSS7.3AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 1:59 p.m.7 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation

Summary A security vulnerability in Python affects IBM Robotic Process Automation. Python is used by IBM Robotic Process Automation as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelo...

6.5CVSS7.4AI score0.00184EPSS
Exploits1Affected Software1
Amazon
Amazon
added 2026/02/18 12:0 a.m.10 views

Medium: python3.13-filelock

Issue Overview: filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows loc...

6.5CVSS7.9AI score0.00184EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Amazon Linux 2023 : python3-filelock (ALAS2023-2026-1415)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1415 advisory. filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check- Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrar...

6.5CVSS7.4AI score0.00184EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/16 9:26 a.m.10 views

Security Bulletin: Vulnerability in filelock affects IBM Netezza Appliance

Summary The filelock package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-68146 Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a...

6.5CVSS5.9AI score0.00184EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2025/12/18 12:26 a.m.5 views

SUSE CVE-2025-68146

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

4.7CVSS6.2AI score0.00184EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/16 8:52 p.m.2 views

EUVD-2025-203839

filelock has a TOCTOU race condition which allows symlink attacks during lock file creation...

6.3CVSS6.3AI score0.00184EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/12/16 8:52 p.m.12 views

filelock has a TOCTOU race condition which allows symlink attacks during lock file creation

Impact A Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation where filelock checks if a file exists before opening it with OTRUNC. An attack...

6.5CVSS6.4AI score0.00184EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2025/12/16 7:15 p.m.5 views

AZL-79232 CVE-2025-68146 affecting package python-filelock 3.0.12-13

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

6.5CVSS7.5AI score0.00184EPSS
Exploits1References1
Rows per page
Query Builder