ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses.
WorkaroundsThe mitigation requires changing the expose_php variable from "On" to "Off" in the file located at /usr/local/etc/php/php.ini.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Jul 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 09 Jul 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses. WorkaroundsThe mitigation requires changing the expose_php variable from "On" to "Off" in the file located at /usr/local/etc/php/php.ini. | |
Title | Exposure of sensitive PHP information to an unauthorized control sphere in mautic/mautic images | |
Weaknesses | CWE-497 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: Mautic
Published: 2025-07-09T15:16:37.305Z
Updated: 2025-07-10T07:43:06.651Z
Reserved: 2025-07-09T08:22:14.606Z
Link: CVE-2025-7381

Updated: 2025-07-09T15:56:55.772Z

Status : Awaiting Analysis
Published: 2025-07-09T16:15:27.890
Modified: 2025-07-10T13:17:30.017
Link: CVE-2025-7381

No data.