VYPR
Low severityNVD Advisory· Published Sep 27, 2024· Updated Sep 27, 2024

Dozzle uses unsafe hash for passwords

CVE-2024-47182

Description

Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches to bcrypt, a more appropriate hash for passwords, in version 8.5.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/amir20/dozzleGo
< 8.5.38.5.3

Affected products

8

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.