httpoxy Vulnerability

chris .

There has been a new vulnerability called httpoxy which affects CGI and CGI‑like environments, such as some FastCGI configurations. Languages known to be affected so far include PHP, Python, and Go. Using this vulnerability hackers can potentially route requests away from the server to their own, and thus view the requests.

Your server will be automatically patched via its control panel or YUM updates, but if you’d like an immediate fix, there are some steps detailed here:

There’s also a handy tool for checking your site/server here: