Vulnerabilities observed in Appliance Gateway 11.1
Article ID: 436135
Updated On:
Products
CA API Gateway
Issue/Introduction
The below vulnerabilities are observed in Appliance Gateway 11.1 even after applying Layer7_API_Gateway_Debian_MPP_v11.1-2026-03-25.zip patch.
| Vulnerability Name | CVE |
| Debian dsa-6023 : libtiff-dev - security update | CVE-2025-9900 |
| Apache Log4j 2.0-beta9 < 2.25.3 MitM | CVE-2025-68161 |
| Debian dsa-6098 : libnetsnmptrapd40 - security update | CVE-2025-68615 |
| Debian dsa-6107 : bind9 - security update | CVE-2025-13878 |
| Debian dsa-6113 : libcrypto3-udeb - security update | CVE-2025-11187,CVE-2025-15467,CVE-2025-15468,CVE-2025-15469,CVE-2025-66199,CVE-2025-68160,CVE-2025-69418,CVE-2025-69419,CVE-2025-69420,CVE-2025-69421,CVE-2026-22795,CVE-2026-22796 |
| Debian dsa-6138 : libpng-dev - security update | CVE-2026-22695,CVE-2026-22801,CVE-2026-25646 |
| Debian dsa-6140 : gnutls-bin - security update | CVE-2025-9820,CVE-2025-14831 |
| Debian dsa-6163 : affs-modules-6.1.0-43-4kc-malta-di - security update | CVE-2023-53424,CVE-2024-26822,CVE-2024-57895,CVE-2025-22026,CVE-2025-23155,CVE-2025-37786,CVE-2025-37822,CVE-2025-37920,CVE-2025-38201,CVE-2025-38643,CVE-2025-39763,CVE-2025-40082,CVE-2025-40251,CVE-2025-68358,CVE-2025-71089,CVE-2025-71144,CVE-2025-71220,CVE-2025-71222,CVE-2025-71224,CVE-2025-71232,CVE-2025-71233,CVE-2025-71235,CVE-2025-71236,CVE-2025-71237,CVE-2025-71238,CVE-2026-23111,CVE-2026-23112,CVE-2026-23169,CVE-2026-23176,CVE-2026-23178,CVE-2026-23180,CVE-2026-23182,CVE-2026-23187,CVE-2026-23190,CVE-2026-23193,CVE-2026-23198,CVE-2026-23202,CVE-2026-23205,CVE-2026-23206,CVE-2026-23209,CVE-2026-23216,CVE-2026-23220,CVE-2026-23221,CVE-2026-23222,CVE-2026-23228,CVE-2026-23229,CVE-2026-23230,CVE-2026-23234,CVE-2026-23235,CVE-2026-23236,CVE-2026-23237,CVE-2026-23238 |
| Debian dsa-6181 : bind9 - security update | CVE-2026-1519,CVE-2026-3104,CVE-2026-3119,CVE-2026-3591 |
| Debian dsa-6023 : libtiff-dev - security update | CVE-2025-9900 |
| Apache Log4j 2.0-beta9 < 2.25.3 MitM | CVE-2025-68161 |
| Debian dsa-6098 : libnetsnmptrapd40 - security update | CVE-2025-68615 |
| Debian dsa-6107 : bind9 - security update | CVE-2025-13878 |
| Debian dsa-6113 : libcrypto3-udeb - security update | CVE-2025-11187,CVE-2025-15467,CVE-2025-15468,CVE-2025-15469,CVE-2025-66199,CVE-2025-68160,CVE-2025-69418,CVE-2025-69419,CVE-2025-69420,CVE-2025-69421,CVE-2026-22795,CVE-2026-22796 |
| Debian dsa-6138 : libpng-dev - security update | CVE-2026-22695,CVE-2026-22801,CVE-2026-25646 |
| Debian dsa-6140 : gnutls-bin - security update | CVE-2025-9820,CVE-2025-14831 |
| Debian dsa-6163 : affs-modules-6.1.0-43-4kc-malta-di - security update | CVE-2023-53424,CVE-2024-26822,CVE-2024-57895,CVE-2025-22026,CVE-2025-23155,CVE-2025-37786,CVE-2025-37822,CVE-2025-37920,CVE-2025-38201,CVE-2025-38643,CVE-2025-39763,CVE-2025-40082,CVE-2025-40251,CVE-2025-68358,CVE-2025-71089,CVE-2025-71144,CVE-2025-71220,CVE-2025-71222,CVE-2025-71224,CVE-2025-71232,CVE-2025-71233,CVE-2025-71235,CVE-2025-71236,CVE-2025-71237,CVE-2025-71238,CVE-2026-23111,CVE-2026-23112,CVE-2026-23169,CVE-2026-23176,CVE-2026-23178,CVE-2026-23180,CVE-2026-23182,CVE-2026-23187,CVE-2026-23190,CVE-2026-23193,CVE-2026-23198,CVE-2026-23202,CVE-2026-23205,CVE-2026-23206,CVE-2026-23209,CVE-2026-23216,CVE-2026-23220,CVE-2026-23221,CVE-2026-23222,CVE-2026-23228,CVE-2026-23229,CVE-2026-23230,CVE-2026-23234,CVE-2026-23235,CVE-2026-23236,CVE-2026-23237,CVE-2026-23238 |
| Debian dsa-6181 : bind9 - security update |
Resolution
The below vulnerabilities are addressed and the ones which were not fixed , got fixed in the April MPP release .
Feedback
Yes
No
Powered by
