CNNVD-202512-4304 Information

CNNVD ID

CNNVD-202512-4304

Related CVE

CVE-2025-36154

• CNNVD Published: 2025-12-24

Description (Chinese)

IBM Concert是美国国际商业机器（IBM）公司的一种新工具。使用生成式 AI 来帮助管理复杂的云原生应用程序。 IBM Concert 1.0.0版本至2.1.0版本存在安全漏洞，该漏洞源于递归docker构建期间以明文存储敏感信息，可能导致信息泄露。

Description (English)

IBM Concert is a new tool for IBM. Use the Generating AI to help manage complex cloud raw applications. There is a security gap between IBM Concert 1.0.0 and 2.1.0, which stems from the explicit storage of sensitive information during the back-to-back docker construction, which may lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2025-12-24

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7255549 https://access.redhat.com/security/cve/cve-2025-36154

Patch

https://www.ibm.com/support/pages/node/7255549