File stat before action
A check is done with `stat` and then the file is used. There is no guarantee that the status of the file has not changed since the call to `stat`, which may allow attackers to bypass permission checks.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
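
The pattern this rule describes, next to a form that removes the window between check and use. This is an added example, not code from the rule or from CodeAnt AI; the function names `open_checked_racy` and `open_checked` and the temporary file path are assumptions made for illustration.

```cpp
// Added example (constructed); function names are hypothetical.
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <cstdio>
#include <cstdlib>

// Pattern the rule flags: the path is resolved twice, once by stat() and
// once by open(). The file can be replaced between the two calls, so the
// check says nothing about the file that is actually opened.
int open_checked_racy(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;           // time of check
    if (!S_ISREG(st.st_mode)) return -1;
    return open(path, O_RDONLY);                    // time of use
}

// Hardened form: open first, then fstat() the descriptor. The descriptor
// is bound to one inode, so the check and later reads see the same file.
// O_NOFOLLOW rejects a symlink in the final path component only;
// O_NONBLOCK keeps open() from blocking if the path names a FIFO.
int open_checked(const char *path) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);                                  // not a regular file
        return -1;
    }
    return fd;
}

int main() {
    char path[] = "/tmp/stat_demo_XXXXXX";          // constructed sample file
    int tmp = mkstemp(path);
    if (tmp < 0) return 1;
    close(tmp);
    int fd = open_checked(path);
    std::printf("regular file: %s\n", fd >= 0 ? "opened" : "rejected");
    if (fd >= 0) close(fd);
    unlink(path);
    return 0;
}
```

Any further metadata checks (owner, mode bits, size) belong on the same descriptor via `fstat`, never on the path again.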