add libxml2 cve

Signed-off-by: Weston Steimel <[email protected]>

Author: westonsteimel

Diff for: data/anchore/2025/CVE-2025-29087.json

@@ -27,6 +27,7 @@
           {
             "lessThan": "3.49.1",
             "status": "affected",
+            "version": "0",
             "versionType": "custom"
           }
         ]

Diff for: data/anchore/2025/CVE-2025-32414.json

@@ -0,0 +1,48 @@
+{
+  "additionalMetadata": {
+    "cna": "mitre",
+    "cveId": "CVE-2025-32414",
+    "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
+    "needsReview": true,
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
+    ],
+    "upstream": {
+      "datePublished": "2025-04-08T00:00:00.000Z",
+      "dateReserved": "2025-04-08T00:00:00.000Z",
+      "dateUpdated": "2025-04-09T14:57:02.635Z",
+      "digest": "29f677a3726d4899d337fddeeb4d6a4885bc6728157175366be7fe13076234d4"
+    }
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"
+        ],
+        "product": "libxml2",
+        "repo": "https://gitlab.gnome.org/GNOME/libxml2",
+        "vendor": "xmlsoft",
+        "versions": [
+          {
+            "lessThan": "2.13.8",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          },
+          {
+            "lessThan": "2.14.2",
+            "status": "affected",
+            "version": "2.14.0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}