๐Ÿ” CVE Alert

CVE-2026-33166

HIGH 8.6

Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

CVSS Score: 8.6
EPSS Score: 0.0%
EPSS Percentile: 2nd

Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. The Allure report generator prior to version 2.38.0 is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file (-result.json, -container.json, or .plist) that points an attachment source to a sensitive file on the host system. During report generation, Allure will resolve these paths and include the sensitive files in the final report. Version 2.38.0 fixes the issue.
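A pre-generation check for the condition described above, as an added example (not code from Allure or from the advisory): it flags attachment sources in `-result.json` and `-container.json` files that resolve outside the results directory. The `attachments`/`source` field names and the function names are assumptions; `.plist` inputs are not covered.

```python
import json
import tempfile
from pathlib import Path

# Assumed layout: attachments are objects with a "source" string, held in
# "attachments" arrays at any depth (test, steps, fixtures).
def attachment_sources(node):
    if isinstance(node, dict):
        for att in node.get("attachments") or []:
            if isinstance(att, dict) and isinstance(att.get("source"), str):
                yield att["source"]
        for value in node.values():
            yield from attachment_sources(value)
    elif isinstance(node, list):
        for item in node:
            yield from attachment_sources(item)

def escapes(root: Path, source: str) -> bool:
    # Treat backslashes as separators too, then resolve "..", absolute
    # paths and symlinks before comparing against the results directory.
    target = (root / source.replace("\\", "/")).resolve()
    return root != target and root not in target.parents

def scan_results(results_dir):
    root = Path(results_dir).resolve()
    findings = []
    for path in sorted(root.glob("*.json")):
        if not path.name.endswith(("-result.json", "-container.json")):
            continue
        try:
            doc = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            findings.append((path.name, "<unparseable>"))
            continue
        findings += [(path.name, s) for s in attachment_sources(doc) if escapes(root, s)]
    return findings

def demo():
    # Constructed sample: one benign attachment, two that leave the directory.
    sample = {"name": "t", "attachments": [{"source": "a-attachment.txt"}],
              "steps": [{"attachments": [{"source": "../../outside.txt"},
                                         {"source": "/tmp-abs/outside.txt"}]}]}
    with tempfile.TemporaryDirectory() as d:
        Path(d, "1-result.json").write_text(json.dumps(sample), encoding="utf-8")
        return scan_results(d)

if __name__ == "__main__":
    for name, source in demo():
        print(f"{name}: attachment source leaves results dir: {source}")
```

Running this over results that come from an untrusted source before report generation gives a signal independent of the installed Allure version; upgrading to 2.38.0 remains the fix the advisory names.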

CWE: CWE-22
Vendor: allure-framework
Product: allure2
Published: Mar 20, 2026
Last Updated: Mar 24, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None

Affected Versions

allure-framework / allure2
< 2.38.0

References

github.com: https://github.com/allure-framework/allure2/security/advisories/GHSA-64hm-gfwq-jppw