vulnerability
Oracle Linux: CVE-2021-41355: ELSA-2021-3819: .NET 5.0 security and bugfix update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:A/AC:M/Au:N/C:P/I:N/A:N) | Oct 12, 2021 | Nov 3, 2021 | Dec 3, 2025 |
Severity
3
CVSS
(AV:A/AC:M/Au:N/C:P/I:N/A:N)
Published
Oct 12, 2021
Added
Nov 3, 2021
Modified
Dec 3, 2025
Description
.NET Core and Visual Studio Information Disclosure Vulnerability
A flaw was found in dotnet, where the System.DirectoryServices.Protocols.LdapConnection sends credentials in plaintext if the Transport Layer Security (TLS) handshake fails. This flaw allows an attacker to intercept sensitive information. The highest threat from this vulnerability is to confidentiality.
A flaw was found in dotnet, where the System.DirectoryServices.Protocols.LdapConnection sends credentials in plaintext if the Transport Layer Security (TLS) handshake fails. This flaw allows an attacker to intercept sensitive information. The highest threat from this vulnerability is to confidentiality.
Solutions
oracle-linux-upgrade-aspnetcore-runtime-5-0oracle-linux-upgrade-aspnetcore-targeting-pack-5-0oracle-linux-upgrade-dotnetoracle-linux-upgrade-dotnet-apphost-pack-5-0oracle-linux-upgrade-dotnet-hostoracle-linux-upgrade-dotnet-hostfxr-5-0oracle-linux-upgrade-dotnet-runtime-5-0oracle-linux-upgrade-dotnet-sdk-5-0oracle-linux-upgrade-dotnet-targeting-pack-5-0oracle-linux-upgrade-dotnet-templates-5-0oracle-linux-upgrade-netstandard-targeting-pack-2-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.