Improper Access Control Affecting bind-pkcs11-libs package, versions <32:9.11.4-16.P2.el7
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-BINDPKCS11LIBS-2155221
- published 26 Jul 2021
- disclosed 21 Feb 2019
Introduced: 21 Feb 2019
CVE-2019-6465 Open this link in a new tabHow to fix?
Upgrade Centos:7 bind-pkcs11-libs to version 32:9.11.4-16.P2.el7 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream bind-pkcs11-libs package and not the bind-pkcs11-libs package as distributed by Centos.
See How to fix? for Centos:7 relevant fixed versions and status.
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.