VYPR

Maven package

io.qameta.allure.plugins/junit-xml-plugin

pkg:maven/io.qameta.allure.plugins/junit-xml-plugin

Vulnerabilities (1)

  • CVE-2025-52888HigJun 24, 2025
    affected < 2.34.1fixed 2.34.1

    Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. A critical XML External Entity (XXE) vulnerability exists in the xunit-xml-plugin used by Allure 2 prior to version 2.34.1. The plugin fails to securely configure the XML parser (`DocumentB