目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-367 检查时间与使用时间(TOCTOU)的竞争条件 类漏洞列表 325

CWE-367 检查时间与使用时间(TOCTOU)的竞争条件 类弱点 325 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-367 属于竞态条件漏洞,指系统在检查资源状态后、实际使用前,资源状态发生不可控变化,导致检查失效。攻击者利用这一时间窗口,通过并发操作篡改资源,从而绕过安全验证或执行未授权操作。开发者应避免在检查与使用间插入耗时操作,采用原子性操作或加锁机制确保状态一致性,以消除竞争条件带来的安全风险。

MITRE CWE 官方描述
CWE:CWE-367 检查时-使用时(TOCTOU)竞态条件 英文:产品在利用资源之前会检查该资源的状态,但在检查与利用之间,资源的状态可能发生变化,从而导致检查结果失效。
常见影响 (6)
Integrity, OtherAlter Execution Logic, Unexpected State
The attacker can gain access to otherwise unauthorized resources.
Integrity, OtherModify Application Data, Modify Files or Directories, Modify Memory, Other
Race conditions such as this kind may be employed to gain read or write access to resources which are not normally readable or writable by the user in question.
Integrity, OtherOther
The resource in question, or other resources (through the corrupted one), may be changed in undesirable ways by a malicious user.
Non-RepudiationHide Activities
If a file or other resource is written in this method, as opposed to in a valid way, logging of the activity may not occur.
Non-Repudiation, OtherOther
In some cases it may be possible to delete files a malicious user might not otherwise have access to, such as log files.
缓解措施 (5)
ImplementationThe most basic advice for TOCTOU vulnerabilities is to not perform a check before the use. This does not resolve the underlying issue of the execution of a function on a resource whose state and identity cannot be assured, but it does help to limit the false sense of security given by the check.
ImplementationWhen the file being altered is owned by the current user and group, set the effective gid and uid to that of the current user and group when executing this statement.
Architecture and DesignLimit the interleaving of operations on files from multiple processes.
Implementation, Architecture and DesignIf you cannot perform operations atomically and you must share access to the resource between multiple processes or threads, then try to limit the amount of time (CPU cycles) between the check and use of the resource. This will not fix the problem, but it could make it more difficult for an attack to succeed.
ImplementationRecheck the resource after the use call to verify that the action was taken appropriately.
代码示例 (2)
The following code checks a file, then updates its contents.
struct stat *sb; ... lstat("...",sb); // it has not been updated since the last time it was read printf("stated file\n"); if (sb->st_mtimespec==...){ print("Now updating things\n"); updateThings(); }
Bad · C
The following code is from a program installed setuid root. The program performs certain file operations on behalf of non-privileged users, and uses access checks to ensure that it does not use its root privileges to perform operations that should otherwise be unavailable the current user. The program uses the access() system call to check if the person running the program has permission to access…
if(!access(file,W_OK)) { f = fopen(file,"w+"); operate(f); ... } else { fprintf(stderr,"Unable to open file %s.\n",file); }
Bad · C
CVE ID标题CVSS风险等级Published
CVE-2026-42344 FastGPT isInternalAddress TOCTOU绕过致全端点SSRF — FastGPT 6.3 Medium2026-05-08
CVE-2026-44694 n8n-mcp 认证SSRF漏洞 — n8n-mcp--2026-05-08
CVE-2025-69233 Apache CloudStack 域/账户资源限制漏洞 — Apache CloudStack 6.5 Medium2026-05-08
CVE-2026-34354 Akamai GPA/ZTC 本地权限提升漏洞(影响7.0-7.3.1等版本) — Guardicore Platform Agent 7.4 High2026-05-08
CVE-2026-41002 Spring Cloud Config 多个版本存在TOCTOU漏洞 — Spring Cloud Config 7.4 High2026-05-07
CVE-2026-44112 OpenClaw <2026.4.22 OpenShell FS桥接写入符号链接交换竞争条件漏洞 — OpenClaw 5.3 Medium2026-05-06
CVE-2026-44113 OpenClaw 2026.4.22 前 OpenShell FS 桥接竞态条件漏洞 — OpenClaw 5.3 Medium2026-05-06
CVE-2026-43582 OpenClaw < 2026.4.10 DNS重绑定绕过主机验证漏洞 — OpenClaw 6.3 Medium2026-05-06
CVE-2026-34596 Sandboxie-Plus 本地权限提升漏洞(TOCTOU竞态条件) — Sandboxie--2026-05-05
CVE-2026-7846 Langchain-Chatchat openai_routes.py 文件竞态条件漏洞 — Langchain-Chatchat 2.6 Low2026-05-05
CVE-2026-43529 OpenClaw <2026.4.10 exec脚本预检验证器竞争条件漏洞 — OpenClaw 2.5 Low2026-05-05
CVE-2026-6180 PaperCut MF HP读卡器卡片截断漏洞 — PaperCut NG/MF 3.7AILowAI2026-05-05
CVE-2026-7791 Amazon WorkSpaces Windows <2.6.2034.0 权限管理漏洞致提权 — Workspaces 7.8 High2026-05-04
CVE-2025-47407 DSP服务竞态条件漏洞 — Snapdragon 7.8 High2026-05-04
CVE-2026-7724 Prefect webhook/通知验证竞争条件漏洞 — prefect 5.0 Medium2026-05-04
CVE-2026-41360 OpenClaw 安全漏洞 — OpenClaw 6.7 Medium2026-04-23
CVE-2026-41338 OpenClaw 安全漏洞 — OpenClaw 5.0 Medium2026-04-23
CVE-2026-41337 OpenClaw 安全漏洞 — OpenClaw 5.3 Medium2026-04-23
CVE-2026-35376 uutils coreutils 安全漏洞 — coreutils 4.5 Medium2026-04-22
CVE-2026-35374 uutils coreutils 安全漏洞 — coreutils 6.3 Medium2026-04-22
CVE-2026-35364 uutils coreutils 安全漏洞 — coreutils 6.3 Medium2026-04-22
CVE-2026-35362 uutils coreutils 安全漏洞 — coreutils 3.6 Low2026-04-22
CVE-2026-35360 uutils coreutils 安全漏洞 — coreutils 6.3 Medium2026-04-22
CVE-2026-35359 uutils coreutils 后置链接漏洞 — coreutils 4.7 Medium2026-04-22
CVE-2026-35357 uutils coreutils 安全漏洞 — coreutils 4.7 Medium2026-04-22
CVE-2026-35356 uutils coreutils 安全漏洞 — coreutils 6.3 Medium2026-04-22
CVE-2026-35355 uutils coreutils 安全漏洞 — coreutils 6.3 Medium2026-04-22
CVE-2026-35354 uutils coreutils 安全漏洞 — coreutils 4.7 Medium2026-04-22
CVE-2026-35353 uutils coreutils 安全漏洞 — coreutils 3.3 Low2026-04-22
CVE-2026-35352 uutils coreutils 安全漏洞 — coreutils 7.0 High2026-04-22

CWE-367(检查时间与使用时间(TOCTOU)的竞争条件) 是常见的弱点类别,本平台收录该类弱点关联的 325 条 CVE 漏洞。