D2, MD4, MD5, SHA1 signature algorithms are known to be vulnerable to [collision attacks[(https://en.wikipedia.org/wiki/Collision_attack). Attackers can exploit this to generate another certificate with the same digital signature, allowing them to masquerade as the affected service.
A hash function takes a variable-length digital input and coverts it into a fixed-length random hash value.
Hashing algorithms like MD5 and SHA-1 are vulnerable to collision attacks. In a collision attack, an attacker finds two messages with the same hashed output and sends the incorrect one to the receiver.
It is recommended to use safer alternatives, such as SHA-256, SHA-512, SHA-3.