CVE-2025-52888

Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. A critical XML External Entity (XXE) vulnerability exists in the xunit-xml-plugin used by Allure 2 prior to version 2.34.1. The plugin fails to securely configure the XML parser (`DocumentBuilderFactory`) and allows external entity expansion when processing test result .xml files. This allows attackers to read arbitrary files from the file system and potentially trigger server-side request forgery (SSRF). Version 2.34.1 contains a patch for the issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/allure-framework/allure2/commit/cbcb33719851ff70adce85d38e15d20fc58d4eb7
https://github.com/allure-framework/allure2/security/advisories/GHSA-h7qf-qmf3-85qg

Configurations

No configuration.

History

26 Jun 2025, 18:58

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-24 20:15

Updated : 2025-06-26 18:58

NVD link : CVE-2025-52888

Mitre link : CVE-2025-52888

CVE.ORG link : CVE-2025-52888

JSON object : View

Products Affected

No product.

CWE

CWE-611

Improper Restriction of XML External Entity Reference

{"id": "CVE-2025-52888", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-06-24T20:15:26.700", "references": [{"url": "https://github.com/allure-framework/allure2/commit/cbcb33719851ff70adce85d38e15d20fc58d4eb7", "source": "security-advisories@github.com"}, {"url": "https://github.com/allure-framework/allure2/security/advisories/GHSA-h7qf-qmf3-85qg", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. A critical XML External Entity (XXE) vulnerability exists in the xunit-xml-plugin used by Allure 2 prior to version 2.34.1. The plugin fails to securely configure the XML parser (`DocumentBuilderFactory`) and allows external entity expansion when processing test result .xml files. This allows attackers to read arbitrary files from the file system and potentially trigger server-side request forgery (SSRF). Version 2.34.1 contains a patch for the issue."}, {"lang": "es", "value": "Allure 2 es la versi\u00f3n 2.x de Allure Report, una herramienta multiling\u00fce para la generaci\u00f3n de informes de pruebas. Existe una vulnerabilidad cr\u00edtica de Entidad Externa XML (XXE) en el complemento xunit-xml utilizado por Allure 2 en versiones anteriores a la 2.34.1. El complemento no configura de forma segura el analizador XML (`DocumentBuilderFactory`) y permite la expansi\u00f3n de entidades externas al procesar archivos .xml de resultados de pruebas. Esto permite a los atacantes leer archivos arbitrarios del sistema de archivos y, potencialmente, activar server-side request forgery (SSRF). La versi\u00f3n 2.34.1 incluye un parche para este problema."}], "lastModified": "2025-06-26T18:58:14.280", "sourceIdentifier": "security-advisories@github.com"}