PyPI: bashkit

SFTY-20260304-56908

Safety legacy ID: pyup.io-88214

Affected versions of this package are vulnerable to Race Condition. The `InMemoryFs::append_file()` method has a time-of-check-time-of-use (TOCTOU) race condition. An attacker can exploit this vulnerability by racing file operations to bypass security checks or corrupt file state.

PythonPyPI
Created at: Mar 4, 2026Updated at: Mar 4, 2026

Overview

Affected versions of this package are vulnerable to Race Condition. The `InMemoryFs::append_file()` method has a time-of-check-time-of-use (TOCTOU) race condition. An attacker can exploit this vulnerability by racing file operations to bypass security checks or corrupt file state.

Advisory

Affected versions of this package are vulnerable to Race Condition. The `InMemoryFs::append_file()` method has a time-of-check-time-of-use (TOCTOU) race condition. An attacker can exploit this vulnerability by racing file operations to bypass security checks or corrupt file state.

Affected Package

Affecting bashkit package, versions
<0.1.9

Also affects

---

How to Fix

Upgrade
bashkit
to
0.1.9
or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Safety

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more