Fix missing xml-file

tvdijen · tvdijen · commit c4f5579782b0 · 2025-12-15T18:36:58.000+01:00
diff --git a/tests/resources/xml/vulnerabilities/CVE-2025-66475.xml b/tests/resources/xml/vulnerabilities/CVE-2025-66475.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0"?>
+<samlp:Response xmlns:example="1" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8cdf9a4d-a007-4fca-b160-df63064505e0" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://localhost:8008/index.php" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
+  <saml:Issuer>http://localhost:7007/saml/metadata</saml:Issuer>
+  <samlp:Status>
+    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+  </samlp:Status>
+  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_8cdf9a4d-a007-4fca-b160-df63064505ef" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
+    <saml:Issuer>http://localhost:7007/saml/metadata</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#_8cdf9a4d-a007-4fca-b160-df63064505ef"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ZoMimqpvmI7CvzorrBzvKDzwOODF9SjUfMhayHqDPAZYAyI+1DyUcDyZTqvicCnvHg+ru6/uvy4btXAg71UntBqvQac7+eR5FwBO1n4sVj6cddCXiODwEZJOgNo+sD6uptpSuWqMau+M49OlBpozWTPeYsgvac56lh/pub6bintG/+0iAhGKnCuM9IN52kQt/nlz9Oq4W8OhwbsVZaj3n2CoMQOz9VztH3KWtRTAcFqdbABHgDqDneuHzvjgcd9RR8ySkD7xmd3Nsnv+YKToWnVnderiaj6yxrny6El8FOjPu6ijpD2RsDHVF4/GktGhBcvnIOEk2UATwr//ijF3Pw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDjTCCAnWgAwIBAgIUdyJH8PSoz8kG7eyfZuvmx7ey/PswDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5MRUwEwYDVQQKDAxPcmdhbml6YXRpb24xETAPBgNVBAMMCHNhbWwtaWRwMB4XDTI1MDcyMDIxMjYzNVoXDTI2MDcyMDIxMjYzNVowVjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5MRUwEwYDVQQKDAxPcmdhbml6YXRpb24xETAPBgNVBAMMCHNhbWwtaWRwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8yIUUgSxlQ81y7CVBPhtgZN0Aje5b2SOtXLuk5HYwISdGXZLVLa+uzogkzvnMW/NKfLPCJhfpQ+9ZAMe9O1EguBPHH0g1j14cwI24rEDZElFGXCAKmJcqA7TfZDf/YAW/YHKT4fgZ2YWf3ZrnYrbYgkSsDMVPHdjhRV/lCcu0D/piPJQHjbobol+EUkJlqpUucT2sK0kmBlrn8LNvHK593niLOhZmaa21zH+EltdS9R5zhwu8bvoPkjCk5GvRtCU+Pbprie82Xwl2Ju46y1Zs/NgdCVAW7waKqkH8VvZyp98ffgRsCJdRfNbsq2FS5zj5mbIdmj7DLPJOGCTlJUnQIDAQABo1MwUTAdBgNVHQ4EFgQULkKObinJPgUmM0mh/0JSn4Ht0EcwHwYDVR0jBBgwFoAULkKObinJPgUmM0mh/0JSn4Ht0EcwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAcn6Hfg770sOFqQZWNZpHIaQ2yC87x0CebRjnvVJqU6/wyGTPsF5GsDCHKh0cWXl5QHtJXvn8buzx9isql927tgkhWmMEO8/iOZTCLTxrUuOPLty/vaNq1hfRqYMYqtfdN3VQ9RX/tAPggSL9gDvR4PNAkG1emWbFHkcWGJNbmWnK0LL92rtiXGqumfwHd2OeE2tY/WNY0FyQCMFajUsx5CKG0jlNHzqOobmW5SZ4j8kafjsGJXHmGhHlO3d5OlSG1ne+tZmetqo2i9qEOLGKeRB80sGNvq4SVHYIcdgNEc3K8LDBXNyaiiyGxAP4LtD+RpAE4ViMUxmOXOwgZ/vSLg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
+    <saml:Subject>
+      <saml:NameID SPNameQualifier="http://localhost:8080" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
+      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+        <saml:SubjectConfirmationData NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2026-01-18T06:21:48Z"/>
+      </saml:SubjectConfirmation>
+    </saml:Subject>
+    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2026-01-18T06:21:48Z">
+      <saml:AudienceRestriction>
+        <saml:Audience>http://localhost:8080</saml:Audience>
+      </saml:AudienceRestriction>
+    </saml:Conditions>
+    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2026-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
+      <saml:AuthnContext>
+        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+      </saml:AuthnContext>
+    </saml:AuthnStatement>
+    <saml:AttributeStatement>
+      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+        <saml:AttributeValue xsi:type="xs:string">admin</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
+        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
+      </saml:Attribute>
+    </saml:AttributeStatement>
+  </saml:Assertion>
+</samlp:Response>
