Maintained with ☕️ by
IcePanel logo

We released an updated version of the Apigee hybrid software, v1.11.0

Share

Services

## Announcement On November 17, 2023 we released an updated version of the Apigee hybrid software, v1.11.0. * For information on upgrading, see [Upgrading Apigee hybrid to version v1.11.0](https://cloud.google.com/apigee/docs/hybrid/v1.11/upgrade). * For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.11/big-picture). ## Feature **Helm charts management for Apigee hybrid** Starting in version v1.11, you have the choice of installing and managing your clusters with either Helm or `apigeectl`. You cannot manage a cluster with both. Apigee recommends using Helm for new hybrid installations. See [Apigee hybrid Helm charts reference](https://cloud.google.com/apigee/docs/hybrid/v1.11/helm-reference). ## Feature **Vault integration for Cassandra credentials (preview)** Starting in version v1.11, you can store Cassandra credentials in Hashicorp Vault. **Note:** Using Vault requires Helm management of your Apigee installation. See [Storing Cassandra credentials in Hashicorp Vault](https://cloud.google.com/apigee/docs/hybrid/v1.11/storing-cassandra-secrets-in-vault). Vault integration is in preview as of the Apigee hybrid 1.11 release. ## Feature **Kubernetes Tolerations** Starting in version v1.11, Apigee hybrid supports Kubernetes Tolerations. See [Using Kubernetes Tolerations](https://cloud.google.com/apigee/docs/hybrid/v1.11/tolerations). ## Feature **Apigee Advance API Security Actions for Apigee hybrid** Advanced API Security's new [Security Actions](https://cloud.google.com/apigee/docs/api-security/security-actions) feature is now available in Apigee hybrid. ## Fix | Bug ID | Description | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **295929616** | **Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues.** (Fixed in Apigee hybrid v1.10.3) | | **294069799** | **Updated the security context settings for the Apigee Hybrid Backup and Restore pod.** | | **292571089** | **An error with support for CSI backup and restore for Cassandra was fixed.** (Fixed in Apigee hybrid v1.10.3) | | **292118812** | **Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration.** (Fixed in Apigee hybrid v1.10.2) | | **289254725** | **Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy.** (Fixed in Apigee hybrid v1.10.1) | | **287321226** | **Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation.** (Fixed in Apigee hybrid v1.10.3) | | **240180122** | **Disable privilege escalation on the cassandra container by moving the ulimit settings to the newly introduced initContainer "apigee-cassandra-ulimit-init".** If you are using security controls with gatekeeper, ensure that apigee-cassandra-ulimit-init initContainer can runAs user, group as 0 and allow capabilities IPC\_LOCK and SYS\_RESOURCES. (Fixed in Apigee hybrid v1.11.0) | | **205666368** | **Fixed issue with default validation of TLS target endpoint certificates.** To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block. See [About setting TLS options in a target endpoint or target server](https://cloud.google.com/apigee/docs/api-platform/system-administration/options-configuring-tls#about-setting-tls-options-in-a-target-endpoint-target-server). See also [Known Issue #205666368](https://cloud.google.com/apigee/docs/release/known-issues#205666368). (Fixed in Apigee hybrid v1.10.3-hotfix.1) | | **158132963** | **Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts.** (Fixed in Apigee hybrid v1.10.2) | ## Security | Bug ID | Description | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **303292806** | **Set backup utility to only connect to Cassandra server pods in the apigee namespace.** (Fixed in Apigee hybrid v1.10.3-hotfix.3) | | **300542690** | **Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount.** (Fixed in Apigee hybrid v1.10.3-hotfix.3) | | **297938600, 297938559, 297938486, 294892344** | **Security fixes for apigee-diagnostics-collector.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-1436](https://nvd.nist.gov/vuln/detail/CVE-2023-1436) [CVE-2022-45693](https://nvd.nist.gov/vuln/detail/CVE-2022-45693) [CVE-2022-45685](https://nvd.nist.gov/vuln/detail/CVE-2022-45685) [CVE-2022-40150](https://nvd.nist.gov/vuln/detail/CVE-2022-40150) | | **297938498, 297938487** | **Security fixes for apigee-fluent-bit.**(Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-2650](https://nvd.nist.gov/vuln/detail/CVE-2023-2650) [CVE-2023-0464](https://nvd.nist.gov/vuln/detail/CVE-2023-0464) | | **297938441** | **Security fixes for apigee-runtime.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-1370](https://nvd.nist.gov/vuln/detail/CVE-2023-1370) [CVE-2021-31684](https://nvd.nist.gov/vuln/detail/CVE-2021-31684) | | **297286274** | **Security fixes for apigee-installer.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) | | **296719459, 296719400, 296719348, 296719307, 296719306, 296719188, 296719187, 296719186, 296719115, 296719018, 296718937, 296718918, 296718917, 296718916, 296716670, 296716669, 296716472, 296716471, 296715155** | **Security fixes for apigee-hybrid-cassandra.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) | | **296717666, 296717283, 296716668, 296716667, 296716650, 296716635, 296716634, 296716633, 296716470, 296716234, 296715734, 296715733, 296715154, 296715153** | **Security fixes for apigee-hybrid-cassandra-client.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **296717665, 296717664, 296717663, 296717662, 296717185, 296716666, 296716649, 296716632, 296716468, 296716467, 296716232, 296715152, 296715151, 296714218** | **Security fixes for apigee-cassandra-backup-utility.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **295936113** | **Security fixes for apigee-mart-server.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerability: [CVE-2023-3635](https://nvd.nist.gov/vuln/detail/CVE-2023-3635) | | **294906706** | **Security fixes for apigee-prom-prometheus.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-28842](https://nvd.nist.gov/vuln/detail/CVE-2023-28842) [CVE-2023-28841](https://nvd.nist.gov/vuln/detail/CVE-2023-28841) [CVE-2023-28840](https://nvd.nist.gov/vuln/detail/CVE-2023-28840) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-46146](https://nvd.nist.gov/vuln/detail/CVE-2022-46146) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) | | **293925856** | **Security fixes for apigee-prometheus-adapter.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-27191](https://nvd.nist.gov/vuln/detail/CVE-2022-27191) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) | | **293348130** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **291994501** | **Security fixes for apigee-operator and apigee-watcher.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) | | **291994501** | **Security fixes for apigee-installer.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) | | **290829031** | **Security fixes for apigee-hybrid-cassandra, apigee-cassandra-client, and cassandra-backup-utility.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2020-29511](https://nvd.nist.gov/vuln/detail/CVE-2020-29511) [CVE-2020-29509](https://nvd.nist.gov/vuln/detail/CVE-2020-29509) | | **290829028** | **Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-29526](https://nvd.nist.gov/vuln/detail/CVE-2022-29526) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-21698](https://nvd.nist.gov/vuln/detail/CVE-2022-21698) | | **290068742** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-1471](https://nvd.nist.gov/vuln/detail/CVE-2022-1471) | | **290067464** | **Security fixes for apigee-stackdriver-logging-agent.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-32511](https://nvd.nist.gov/vuln/detail/CVE-2022-32511) | | **290065830** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889) | | **281561243** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.** This addresses the following vulnerability: [CVE-2022-1471](https://nvd.nist.gov/vuln/detail/CVE-2022-1471) (Fixed in Apigee hybrid v1.10.1) | | **N/A** | **Security fixes for apigee-prometheus-adapter.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) | | **N/A** | **Security fixes for apigee-prom-prometheus/master.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-40577](https://nvd.nist.gov/vuln/detail/CVE-2023-40577) [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) | | **N/A** | **Security fixes for apigee-kube-rbac-proxy.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) | | **N/A** | **Security fixes for apigee-hybrid-cassandra.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) | | **N/A** | **Security fixes for apigee-fluent-bit.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-3817](https://nvd.nist.gov/vuln/detail/CVE-2023-3817) [CVE-2023-36054](https://nvd.nist.gov/vuln/detail/CVE-2023-36054) [CVE-2023-3446](https://nvd.nist.gov/vuln/detail/CVE-2023-3446) | | **N/A** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-4586](https://nvd.nist.gov/vuln/detail/CVE-2023-4586) [CVE-2023-34462](https://nvd.nist.gov/vuln/detail/CVE-2023-34462) | | **N/A** | **Security fixes for apigee-cassandra-backup-utility, apigee-hybrid-cassandra-client, and apigee-connect-agent.** (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) | | **N/A** | **Security fixes for apigee-asm-ingress and apigee-asm-istiod.** (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-28842](https://nvd.nist.gov/vuln/detail/CVE-2023-28842) [CVE-2023-28841](https://nvd.nist.gov/vuln/detail/CVE-2023-28841) [CVE-2023-28840](https://nvd.nist.gov/vuln/detail/CVE-2023-28840) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) |