CVE-2026-33166— Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. The Allure report generator prior to version 2.38.0 is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file (-result.json, -container.json, or .plist) that points an attachment source to a sensitive file on the host system. During report generation, Allure will resolve these paths and include the sensitive files in the final report. Version 2.38.0 fixes the issue.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

对路径名的限制不恰当(路径遍历)

Allure Report 路径遍历漏洞

Allure Report是Allure Framework开源的一个灵活、轻量级的多语言测试报告工具。 Allure Report 2 2.38.0之前版本存在路径遍历漏洞，该漏洞源于处理测试结果时存在路径遍历问题，可能导致任意文件读取。

N/A

N/A