file-stat-before-action
file-stat-before-action
A check is done with
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
stat and then the file is used. There is no guarantee that the status of the file has not changed since the call to stat which may allow attackers to bypass permission checks.Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition