VYPR

CWE-689

Permission Race Condition During Resource Copy

CompoundDraft

Description

The product, while copying or cloning a resource, does not set the resource's permissions or access control until the copy is complete, leaving the resource exposed to other spheres while the copy is taking place.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-26 · CAPEC-27

CVEs mapped to this weakness (1)

  • CVE-2025-40909MedMay 30, 2025
    risk 0.31cvss 5.9epss 0.00

    Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which…