- Description
- ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses. WorkaroundsThe mitigation requires changing the expose_php variable from "On" to "Off" in the file located at /usr/local/etc/php/php.ini.
- Source
- security@mautic.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- security@mautic.org
- CWE-497
- Hype score
- Not currently trending
Security update for Mautic Docker images released Fixed CVE-2025-7381 in new versions: • 6.0.3-20250709-apache/fpm • 5.2.7-20250709-apache/fpm Update recommended for all Docker deployments. Details: https://t.co/zxq5FOj58N #Mautic #Security #Docker https://t.co/1IHo2Xour
@MauticSecurity
11 Jul 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-7381 ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, whic… https://t.co/4gDW787IUM
@CVEnew
10 Jul 2025
285 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes