Based on the URL below, the "Guava" library has a vulnerability in multiple versions.

https://www.cvedetails.com/cve/CVE-2018-10237/

Based on the URL below, version 14.0.1 & version 19 is on the list.

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/4-5/third-party-software-acknowledgments.html

Is the API Developer Portal affected?

Release : 4.5

Component : API PORTAL

The Guava vulnerability won't affect gateway, or portal.

In portal, all usages are very basic string operations, vulnerable code is not used.