CVE-2019-20372 | Nginx Vulnerability nginx < 1.17.7 Information Disclosure

Article ID: 376971

Products

Endpoint Protection

Issue/Introduction

The Nginx web server that Symantec Endpoint Protection (SEP) on Linux uses for its local repository is vulnerable.

CVE-2019-20372
Component   : Linux RHEL
Exploitable : Yes
Protocol    : TCP
Port        : 80
CVSS Score  : 5.3
Category    : WEBSERVER

Cause

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

Resolution

Upgrade the nginx server to 1.17.9 or later.

Upgrade instructions
Before you install nginx for the first time on a new machine, you need to set up the nginx packages repository. Afterward, you can install and update nginx from the repository.

RHEL and derivatives
This section applies to Red Hat Enterprise Linux and its derivatives such as CentOS, Oracle Linux, Rocky Linux, AlmaLinux.

Install the prerequisites:
sudo yum install yum-utils

To set up the yum repository, create the file named /etc/yum.repos.d/nginx.repo with the following contents:

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

By default, the repository for stable nginx packages is used. If you would like to use mainline nginx packages, run the following command:
sudo yum-config-manager --enable nginx-mainline

To install nginx, run the following command:
sudo yum install nginx

When prompted to accept the GPG key, verify that the fingerprint matches 573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62, and if so, accept it.
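As an added example (not part of this KB article), the POSIX shell script below reads the installed nginx version banner and compares it against the two versions named on this page: 1.17.7, the first release without the error_page request-smuggling defect, and 1.17.9, the upgrade target in the Resolution section. The function names are my own; it assumes `nginx -v` prints `nginx version: nginx/X.Y.Z` to stderr, as nginx does.

```shell
#!/bin/sh
# Added example, not the article's own code: decide whether an nginx build
# is below the CVE-2019-20372 fix threshold and whether it meets the
# upgrade target the article recommends.

# Convert "X.Y.Z" into a single sortable integer (X*1000000 + Y*1000 + Z)
# so versions can be compared with plain integer tests.
verkey() {
    set -- $(printf '%s\n' "$1" | tr '.' ' ')
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# Pull the dotted version out of a banner such as "nginx version: nginx/1.16.1".
parse_nginx_version() {
    printf '%s\n' "$1" | sed -n 's#.*nginx/\([0-9][0-9.]*\).*#\1#p'
}

# True (exit 0) when the version is older than 1.17.7, the first fixed release.
is_vulnerable() {
    [ "$(verkey "$1")" -lt "$(verkey 1.17.7)" ]
}

# True (exit 0) when the version is 1.17.9 or later, the article's target.
meets_recommendation() {
    [ "$(verkey "$1")" -ge "$(verkey 1.17.9)" ]
}

# Inspect the nginx binary on this host and report. Exit 1 = affected,
# 0 = not affected, 2 = nginx not runnable here.
check_installed_nginx() {
    banner=$(nginx -v 2>&1) || { echo "nginx not found or not runnable"; return 2; }
    ver=$(parse_nginx_version "$banner")
    if is_vulnerable "$ver"; then
        echo "nginx $ver is below 1.17.7: affected by CVE-2019-20372, upgrade to 1.17.9 or later"
        return 1
    fi
    echo "nginx $ver is not affected by CVE-2019-20372"
    return 0
}

# Run the host check only when invoked as: sh check_nginx.sh --check
if [ "${1:-}" = "--check" ]; then
    check_installed_nginx
fi
```

Run it on the SEP Linux host after the upgrade to confirm the repository's nginx reports 1.17.9 or later.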

NOTE: The Symantec Endpoint Protection Linux Agent is not affected by CVE-2019-20372.

Additional Information