A question came out in a publication about the vulnerability EARLY WARNING] Backdoor into xz/liblzma upstream, leading to SSH compromise in UBUNTU but I don’t see within the tool that there is any impact. I wanted to know if you have any information regarding this vulnerability.
I’m not fully sure but if this is about the following “N/A” here:
then please see the following from the related manual entry:
Columns like Severity may display N/A for one of the following reasons:
- The CVE was published but no vulnerability analysis/severity assessment was carried out by the NVD yet. This can take a few days up to a few weeks.Such CVEs can be identified when browsing the related entry. As long as Undergoing Analysis is displayed there, N/A is shown in the columns for the CVE.
- There is always a delay of 1–2 working days between the vulnerability analysis/severity assessment and the time the updated information is displayed in the SecInfo management.
1 Like