Headline
GHSA-597g-3phw-6986: virtualenv Has TOCTOU Vulnerabilities in Directory Creation
Impact
TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv’s app_data and lock file operations to attacker-controlled locations.
Affected versions: All versions up to and including 20.36.1
Affected users: Any user running virtualenv on multi-user systems where untrusted local users have filesystem access to shared temporary directories or where VIRTUALENV_OVERRIDE_APP_DATA points to a user-writable location.
Attack scenarios:
- Cache poisoning: Attacker corrupts wheels or Python metadata in the cache
- Information disclosure: Attacker reads sensitive cached data or metadata
- Lock bypass: Attacker controls lock file semantics to cause concurrent access violations
- Denial of service: Lock starvation preventing virtualenv operations
Patches
The vulnerability has been patched by replacing check-then-act patterns with atomic os.makedirs(..., exist_ok=True) operations.
Fixed in: PR #3013
Versions with the fix: 20.36.2 and later
Users should upgrade to version 20.36.2 or later.
Workarounds
If you cannot upgrade immediately:
- Ensure
VIRTUALENV_OVERRIDE_APP_DATApoints to a directory owned by the current user with restricted permissions (mode 0700) - Avoid running
virtualenvin shared temporary directories where other users have write access - Use separate user accounts for different projects to isolate app_data directories
References
- GitHub PR: https://github.com/pypa/virtualenv/pull/3013
- Vulnerability reported by: @tsigouris007
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (TOCTOU)
- CWE-59: Improper Link Resolution Before File Access
Impact
TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv’s app_data and lock file operations to attacker-controlled locations.
Affected versions: All versions up to and including 20.36.1
Affected users: Any user running virtualenv on multi-user systems where untrusted local users have filesystem access to shared temporary directories or where VIRTUALENV_OVERRIDE_APP_DATA points to a user-writable location.
Attack scenarios:
- Cache poisoning: Attacker corrupts wheels or Python metadata in the cache
- Information disclosure: Attacker reads sensitive cached data or metadata
- Lock bypass: Attacker controls lock file semantics to cause concurrent access violations
- Denial of service: Lock starvation preventing virtualenv operations
Patches
The vulnerability has been patched by replacing check-then-act patterns with atomic os.makedirs(…, exist_ok=True) operations.
Fixed in: PR #3013
Versions with the fix: 20.36.2 and later
Users should upgrade to version 20.36.2 or later.
Workarounds
If you cannot upgrade immediately:
- Ensure VIRTUALENV_OVERRIDE_APP_DATA points to a directory owned by the current user with restricted permissions (mode 0700)
- Avoid running virtualenv in shared temporary directories where other users have write access
- Use separate user accounts for different projects to isolate app_data directories
References
- GitHub PR: pypa/virtualenv#3013
- Vulnerability reported by: @tsigouris007
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (TOCTOU)
- CWE-59: Improper Link Resolution Before File Access
References
- GHSA-597g-3phw-6986
- https://nvd.nist.gov/vuln/detail/CVE-2026-22702
- pypa/virtualenv#3013
- pypa/virtualenv@dec4cec