security/vuxml: Mark zeek < 4.0.1 as vulnerable as per:

https://github.com/zeek/zeek/releases/tag/v4.0.1

Fix null-pointer dereference when encountering an invalid enum name
in a config/input file that tries to read it into a set[enum]. For
those that have such an input feed whose contents may come from
external/remote sources, this is a potential DoS vulnerability.