Mohammed90

**Name of the Vulnerable Software and Affected Versions** Dozzle versions prior to 8.5.3 **Description** The issue concerns the use of an insecure hash for passwords. Specifically, the app uses sha-256, which is susceptible to rainbow table attacks due to its design as a fast message digest hash. This leaves users vulnerable. The app switches to bcrypt, a more secure hash for passwords, in version 8.5.3. It is a realtime log viewer for docker containers. **Recommendations** For versions prior to 8.5.3, update to version 8.5.3 or later, which uses bcrypt for password hashing, to mitigate the risk of rainbow table attacks. As a temporary workaround, consider restricting access to sensitive areas of the application until the update can be applied.