Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Dozzle uses unsafe hash for passwords
Vulnerability Description
Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches to bcrypt, a more appropriate hash for passwords, in version 8.5.3.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
可逆的单向哈希
Vulnerability Title
Dozzle 安全漏洞
Vulnerability Description
Dozzle是Amir Raminfar个人开发者的一个小型轻量级应用程序。 Dozzle 8.5.3之前版本存在安全漏洞,该漏洞源于使用sha-256作为密码哈希,容易受到彩虹表攻击。
CVSS Information
N/A
Vulnerability Type
N/A