Hi,
We are getting a failed PCI scan reporting multiple issues with NGINX. There is literally nothing on the internet about how to fix this. PCI Compliance Manager wants us to upgrade the version of NGINX that Azure is using but I'm not sure we can even do that. See error message below. What do I do to make this scan pass? The web app that it's scanning is just a simple website or Azure App Service (xyz.azurewebsites.net).
Vulnerable nginx version detected on port 80 -
Server: nginx/1.16.1
CVE-2019-20372
CVE-2021-23017
Customers are advised to install nginx 1.21.0 or later versions to remediate this vulnerability.

