Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Lang
- Correctness
- Security
- Containers
- Crypto
- Filesystem
- File-access-before-action
- File-stat-before-action
- Path-manipulation
- World-writable-file
- Format-string
- Ldap
- Libraries
- Memory
- Misc
- Rng
- Sql
- Strings
- System-command
- Uri
- Use-after-free
- Libxml2
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
File-access-before-action
File access before action
A check is done with access
and then the file is later used. There is no guarantee that the status of the file has not changed since the call to access
which may allow attackers to bypass permission checks.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition