Vulnerabilities

CVE-2025-7381

by Fred · 09/07/2025

ImpactThis is an information disclosure vulnerability originating from PHP’s base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses.

WorkaroundsThe mitigation requires changing the expose_php variable from “On” to “Off” in the file located at /usr/local/etc/php/php.ini.

Assigner : security@mautic.org

More information : https://github.com/mautic/docker-mautic/security/advisories/GHSA-89jm-p7jf-x8jx

Similar

Tags: Cybersecurity Alert