PHP contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes certain HTTP requests with crafted arguments, which will disclose PHP version and another sensitive information resulting in
a loss of confidentiality.
Solution
No patches are necessary to correct this issue. Set the "expose_php" setting to "Off" in the php.ini file, which will disable this functionality.