VYPR

rpm package

opensuse/python-filelock&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/python-filelock&distro=openSUSE%20Leap%2016.0

Vulnerabilities (2)

  • CVE-2026-22701Jan 10, 2026
    affected < 3.18.0-160000.3.1fixed 3.18.0-160000.3.1

    filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race

  • CVE-2025-68146Dec 16, 2025
    affected < 3.18.0-160000.3.1fixed 3.18.0-160000.3.1

    filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows