Bug 2428441 (CVE-2026-22702) - CVE-2026-22702 virtualenv: virtualenv: Local attacker can redirect file operations via TOCTOU race condition
Summary: CVE-2026-22702 virtualenv: virtualenv: Local attacker can redirect file opera...
Keywords:
Status: NEW
Alias: CVE-2026-22702
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Importance: medium medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2428458 2428459
Blocks:
Reported: 2026-01-10 07:01 UTC by OSIDB Bzimport
Modified: 2026-01-10 13:22 UTC (History)
CC List: 71 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-01-10 07:01:39 UTC
virtualenv is a tool for creating isolated virtual Python environments. Prior to version 20.36.1, TOCTOU (time-of-check-to-time-of-use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on its directory creation operations. Because the existence check and the subsequent creation are separate steps, an attacker with local access can win the race between them by planting a symlink at the expected path, redirecting virtualenv's app_data and lock file operations to attacker-controlled locations. This issue has been patched in version 20.36.1.
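The following is an added example illustrating the check-then-act pattern the description refers to and one hardened alternative; it is not virtualenv's code and does not reproduce the project's fix. The function names, the "app_data"/"lock" paths and the attacker simulation are all constructed for illustration, and the hardened variant relies on Unix-only flags (O_DIRECTORY, O_NOFOLLOW, dir_fd). The simulation stands in for the attacker winning the race by planting the symlink before the victim's check runs.

```python
import os
import tempfile


class UnsafePathError(RuntimeError):
    """Raised when a path that must be a plain, caller-owned directory is not."""


def create_lock_file_racy(app_data: str) -> str:
    """Hypothetical check-then-act pattern (constructed example).

    os.path.exists() and os.makedirs() both follow symlinks, and the open()
    below does too, so whoever controls `app_data` between the check and the
    use decides where the lock file is actually written.
    """
    if not os.path.exists(app_data):        # time of check
        os.makedirs(app_data)               # time of use
    lock = os.path.join(app_data, "lock")
    with open(lock, "w") as fh:             # silently follows a symlinked directory
        fh.write(str(os.getpid()))
    return os.path.realpath(lock)


def create_lock_file_safe(app_data: str) -> str:
    """Hardened variant (constructed example, not virtualenv's fix).

    Create without a separate existence check, then open the directory with
    O_NOFOLLOW so a planted symlink is rejected (ELOOP) rather than followed,
    verify ownership on the open descriptor, and create the lock file
    relative to that descriptor so a later swap of the path cannot redirect it.
    """
    try:
        os.mkdir(app_data, 0o700)           # atomic: no check-then-create window
    except FileExistsError:
        pass                                # may be a real dir or a planted link; verify below
    try:
        dfd = os.open(app_data, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    except OSError as exc:                  # ELOOP for a symlink, ENOTDIR for a file
        raise UnsafePathError(f"{app_data}: {exc.strerror}") from exc
    try:
        if os.fstat(dfd).st_uid != os.getuid():
            raise UnsafePathError(f"{app_data} is owned by another user")
        flags = os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW
        fd = os.open("lock", flags, 0o600, dir_fd=dfd)  # relative to the verified dir
        with os.fdopen(fd, "w") as fh:
            fh.write(str(os.getpid()))
    finally:
        os.close(dfd)
    return os.path.realpath(os.path.join(app_data, "lock"))


def simulate_attack(racy: bool) -> tuple:
    """Simulate the attacker having won the race: a symlink already sits at the
    app_data path, pointing into an attacker-controlled directory.

    Returns (redirected, path_written); redirected is True when the lock file
    landed inside the attacker's directory.
    """
    with tempfile.TemporaryDirectory() as victim_home, \
         tempfile.TemporaryDirectory() as attacker_dir:
        app_data = os.path.join(victim_home, "app_data")
        os.symlink(attacker_dir, app_data)  # attacker-planted link (constructed)
        create = create_lock_file_racy if racy else create_lock_file_safe
        try:
            written = create(app_data)
        except UnsafePathError:
            return (False, "")
        target = os.path.realpath(attacker_dir)
        return (written.startswith(target + os.sep), written)


if __name__ == "__main__":
    print("racy :", simulate_attack(racy=True))
    print("safe :", simulate_attack(racy=False))
```

The ownership check on the open descriptor matters as much as O_NOFOLLOW: it is the same directory object the lock file is created in, so there is no second path lookup for an attacker to race. Any design of this kind still assumes the parent of app_data is not writable by other local users; a per-user directory under a sticky-bit world-writable location such as /tmp is exactly the setting where symlink planting is practical.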

