CVE-2025-68146 | tox-dev filelock up to 3.20.0 on Python UnixFileLock/WindowsFileLock os.open toctou (GHSA-w853-jp5j-5j7f)

A vulnerability, which was classified as problematic, has been found in tox-dev filelock up to 3.20.0 on Python. Affected by this vulnerability is the function os.open of the component UnixFileLock/WindowsFileLock. Performing manipulation results in time-of-check time-of-use.

This vulnerability is reported as CVE-2025-68146. The attack requires a local approach. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More