CVE-2025-7381 – Apache PHP Information Disclosure

CVE ID : CVE-2025-7381

Published : July 9, 2025, 4:15 p.m. | 1 hour, 50 minutes ago

Description : ImpactThis is an information disclosure vulnerability originating from PHP’s base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses.

WorkaroundsThe mitigation requires changing the expose_php variable from “On” to “Off” in the file located at /usr/local/etc/php/php.ini.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…