{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2005-2395","title":"Title"},{"category":"description","text":"Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2005-2395","url":"https://www.suse.com/security/cve/CVE-2005-2395"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 117181 for CVE-2005-2395","url":"https://bugzilla.suse.com/117181"}],"title":"SUSE CVE CVE-2005-2395","tracking":{"current_release_date":"2023-02-15T06:17:54Z","generator":{"date":"2023-02-15T06:17:54Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2005-2395","initial_release_date":"2023-02-15T06:17:54Z","revision_history":[{"date":"2023-02-15T06:17:54Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}}}