Linux Distros Unpatched Vulnerability : CVE-2021-32796

🗓️ 05 Mar 2025 00:00:00Reported by TenableType

Vulnerability CVE-2021-32796 affects unpatched packages on Linux/Unix hosts; workaround available.

Reporter	Title	Published	Views	Family All 25
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796	9 Oct 202514:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to Improper Encoding or Escaping of Output due to xmldom ( CVE-2021-32796 )	22 Aug 202507:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found with third-party libraries used by IBM® MobileFirst Platform	17 Feb 202315:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities	29 Aug 202518:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	6 Aug 202516:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to xmldom (CVE-2021-32796)	28 Nov 202505:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities	11 Jan 202221:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in xmldom-0.9.8.tgz	27 Aug 202502:50	–	ibm
Circl	CVE-2021-32796	28 Jul 202102:12	–	circl
CNNVD	xmldom 安全漏洞	27 Jul 202100:00	–	cnnvd

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2021-32796
ubuntu	www.ubuntu.com/security/CVE-2021-32796
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(223786);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/21");

  script_cve_id("CVE-2021-32796");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2021-32796");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and
    XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when
    serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML
    processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround
    downstream applications can validate the input and reject the maliciously crafted documents.
    (CVE-2021-32796)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-32796");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2021-32796");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-32796");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/07/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:node-xmldom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:node-xmldom");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-24.04", "Host/OS/Ubuntu Linux-25.04", "Host/OS/Ubuntu Linux-25.10");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "node-xmldom"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "node-xmldom"}
        ]
      }
    ]
  },
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "node-xmldom"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.04",
        "pkgs": [
          {"reference": "node-xmldom"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.10": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.10",
        "pkgs": [
          {"reference": "node-xmldom"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

21 May 2026 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 25

CVSS 3.15.3 - 6.5

EPSS0.01146

cve-2021-32796 xmldom vulnerability unpatched packages linux unix