Does API Gateway take the influence of the following vulnerability?
If so, is the fix included in the product?
Both of the above are JAVA vulnerabilities.
Affects JDK8u291 and earlier.
Gateway 9.4, 10 includes JDK 8u291 or earlier.
Is API Gateway affected by those CVEs?
Release : 10.0
Component : API GATEWAY
Gateway distribution loads and runs only trusted code (custom assertions are also can be loaded only after signing).
Also, we do not support Java Web Start and Applets, so the mentioned vulnerabilities (CVE-2021-2369, CVE-2021-2388) will not affect the API Gateway.