Description of problem:
Current version of Nginx 1.6.3 in EPEL is out-dated and contains vulnerabilities.
Solution: rebase to Nginx 1.8.1
I pushed nginx-1.6.3-8.el7 yesterday with fixes for these CVEs. Please give karma. The update hasn't actually hit updates-testing yet so you will need to download the builds from koji.
I think this one can be safely closed since nginx 1.10 has been in EPEL 7 since Sep 7, 2016: