Maintained with ☕️ by
IcePanel logo
StackFeed logo
Google Cloud Platform logo
Original post

CVE-2025-48924 CVE-2025-67735 CVE-2025-48924 CVE-2025-67735 CVE-2025-48924

Share

Services

## Security Security | Bug ID | Description | | ----------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **471502899, 471173561** | **Security fixes for apigee-synchronizer.** This addresses the following vulnerabilities: [CVE-2025-48924](https://nvd.nist.gov/vuln/detail/CVE-2025-48924) [CVE-2025-67735](https://nvd.nist.gov/vuln/detail/CVE-2025-67735) | | **471502752, 471191392** | **Security fixes for apigee-runtime.** This addresses the following vulnerabilities: [CVE-2025-48924](https://nvd.nist.gov/vuln/detail/CVE-2025-48924) [CVE-2025-67735](https://nvd.nist.gov/vuln/detail/CVE-2025-67735) | | **471502495, 471501875, 471126425** | **Security fixes for apigee-mart-server.** This addresses the following vulnerabilities: [CVE-2025-48924](https://nvd.nist.gov/vuln/detail/CVE-2025-48924) [CVE-2025-67735](https://nvd.nist.gov/vuln/detail/CVE-2025-67735) | | **471016560, 471015664, 471015120** | **Security fixes for apigee-hybrid-cassandra.** This addresses the following vulnerabilities: [CVE-2022-40897](https://nvd.nist.gov/vuln/detail/CVE-2022-40897) [CVE-2025-47273](https://nvd.nist.gov/vuln/detail/CVE-2025-47273) [CVE-2025-48924](https://nvd.nist.gov/vuln/detail/CVE-2025-48924) | | **451224723, 451224123** | **Security fixes for apigee-fluent-bit.** This addresses the following vulnerabilities: [CVE-2010-4756](https://nvd.nist.gov/vuln/detail/CVE-2010-4756) [CVE-2011-3389](https://nvd.nist.gov/vuln/detail/CVE-2011-3389) [CVE-2013-4392](https://nvd.nist.gov/vuln/detail/CVE-2013-4392) [CVE-2015-3276](https://nvd.nist.gov/vuln/detail/CVE-2015-3276) [CVE-2017-14159](https://nvd.nist.gov/vuln/detail/CVE-2017-14159) [CVE-2017-17740](https://nvd.nist.gov/vuln/detail/CVE-2017-17740) [CVE-2018-20796](https://nvd.nist.gov/vuln/detail/CVE-2018-20796) [CVE-2018-5709](https://nvd.nist.gov/vuln/detail/CVE-2018-5709) [CVE-2018-6829](https://nvd.nist.gov/vuln/detail/CVE-2018-6829) [CVE-2019-1010022](https://nvd.nist.gov/vuln/detail/CVE-2019-1010022) [CVE-2019-1010023](https://nvd.nist.gov/vuln/detail/CVE-2019-1010023) [CVE-2019-1010024](https://nvd.nist.gov/vuln/detail/CVE-2019-1010024) [CVE-2019-1010025](https://nvd.nist.gov/vuln/detail/CVE-2019-1010025) [CVE-2019-9192](https://nvd.nist.gov/vuln/detail/CVE-2019-9192) [CVE-2020-15719](https://nvd.nist.gov/vuln/detail/CVE-2020-15719) [CVE-2022-27943](https://nvd.nist.gov/vuln/detail/CVE-2022-27943) [CVE-2023-2953](https://nvd.nist.gov/vuln/detail/CVE-2023-2953) [CVE-2023-31437](https://nvd.nist.gov/vuln/detail/CVE-2023-31437) [CVE-2023-31438](https://nvd.nist.gov/vuln/detail/CVE-2023-31438) [CVE-2023-31439](https://nvd.nist.gov/vuln/detail/CVE-2023-31439) [CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853) [CVE-2024-2236](https://nvd.nist.gov/vuln/detail/CVE-2024-2236) [CVE-2024-2379](https://nvd.nist.gov/vuln/detail/CVE-2024-2379) [CVE-2024-26458](https://nvd.nist.gov/vuln/detail/CVE-2024-26458) [CVE-2024-26461](https://nvd.nist.gov/vuln/detail/CVE-2024-26461) [CVE-2025-0725](https://nvd.nist.gov/vuln/detail/CVE-2025-0725) [CVE-2025-10148](https://nvd.nist.gov/vuln/detail/CVE-2025-10148) [CVE-2025-27587](https://nvd.nist.gov/vuln/detail/CVE-2025-27587) [CVE-2025-62813](https://nvd.nist.gov/vuln/detail/CVE-2025-62813) [CVE-2025-9086](https://nvd.nist.gov/vuln/detail/CVE-2025-9086) [CVE-2025-9230](https://nvd.nist.gov/vuln/detail/CVE-2025-9230) [CVE-2025-9232](https://nvd.nist.gov/vuln/detail/CVE-2025-9232) | | **N/A** | **Security fixes for apigee-asm-ingress.** This addresses the following vulnerability: [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) | | **N/A** | **Security fixes for apigee-asm-istiod.** This addresses the following vulnerability: [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) | | **N/A** | **Security fixes for apigee-connect-agent.** This addresses the following vulnerabilities: [CVE-2025-68121](https://nvd.nist.gov/vuln/detail/CVE-2025-68121) [CVE-2025-68119](https://nvd.nist.gov/vuln/detail/CVE-2025-68119) [CVE-2025-61732](https://nvd.nist.gov/vuln/detail/CVE-2025-61732) [CVE-2025-61731](https://nvd.nist.gov/vuln/detail/CVE-2025-61731) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61726](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) [CVE-2025-4674](https://nvd.nist.gov/vuln/detail/CVE-2025-4674) | | **N/A** | **Security fixes for apigee-hybrid-cassandra-client.** This addresses the following vulnerabilities: [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) [CVE-2025-68121](https://nvd.nist.gov/vuln/detail/CVE-2025-68121) [CVE-2025-68119](https://nvd.nist.gov/vuln/detail/CVE-2025-68119) [CVE-2025-61732](https://nvd.nist.gov/vuln/detail/CVE-2025-61732) [CVE-2025-61731](https://nvd.nist.gov/vuln/detail/CVE-2025-61731) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61726](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) [CVE-2025-61725](https://nvd.nist.gov/vuln/detail/CVE-2025-61725) [CVE-2025-61723](https://nvd.nist.gov/vuln/detail/CVE-2025-61723) [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2025-47907](https://nvd.nist.gov/vuln/detail/CVE-2025-47907) [CVE-2025-4674](https://nvd.nist.gov/vuln/detail/CVE-2025-4674) | | **N/A** | **Security fixes for apigee-kube-rbac-proxy.** This addresses the following vulnerabilities: [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61725](https://nvd.nist.gov/vuln/detail/CVE-2025-61725) [CVE-2025-61723](https://nvd.nist.gov/vuln/detail/CVE-2025-61723) [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) | | **N/A** | **Security fixes for apigee-open-telemetry-collector.** This addresses the following vulnerabilities: [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) [CVE-2025-68156](https://nvd.nist.gov/vuln/detail/CVE-2025-68156) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-4674](https://nvd.nist.gov/vuln/detail/CVE-2025-4674) [CVE-2025-29786](https://nvd.nist.gov/vuln/detail/CVE-2025-29786) | | **N/A** | **Security fixes for apigee-open-telemetry-collector:.** This addresses the following vulnerability: [CVE-2025-29786](https://nvd.nist.gov/vuln/detail/CVE-2025-29786) | | **N/A** | **Security fixes for apigee-operators.** This addresses the following vulnerability: [CVE-2025-61725](https://nvd.nist.gov/vuln/detail/CVE-2025-61725) | | **N/A** | **Security fixes for apigee-prom-prometheus.** This addresses the following vulnerabilities: [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) [CVE-2025-68119](https://nvd.nist.gov/vuln/detail/CVE-2025-68119) [CVE-2025-61731](https://nvd.nist.gov/vuln/detail/CVE-2025-61731) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61726](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) [CVE-2025-47913](https://nvd.nist.gov/vuln/detail/CVE-2025-47913) [CVE-2025-4674](https://nvd.nist.gov/vuln/detail/CVE-2025-4674) | | **N/A** | **Security fixes for apigee-prometheus-adapter.** This addresses the following vulnerabilities: [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) [CVE-2025-68119](https://nvd.nist.gov/vuln/detail/CVE-2025-68119) [CVE-2025-61731](https://nvd.nist.gov/vuln/detail/CVE-2025-61731) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61726](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) [CVE-2025-4674](https://nvd.nist.gov/vuln/detail/CVE-2025-4674) | | **N/A** | **Security fixes for apigee-redis.** This addresses the following vulnerabilities: [CVE-2025-68121](https://nvd.nist.gov/vuln/detail/CVE-2025-68121) [CVE-2025-68119](https://nvd.nist.gov/vuln/detail/CVE-2025-68119) [CVE-2025-61732](https://nvd.nist.gov/vuln/detail/CVE-2025-61732) [CVE-2025-61731](https://nvd.nist.gov/vuln/detail/CVE-2025-61731) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61726](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) [CVE-2025-61725](https://nvd.nist.gov/vuln/detail/CVE-2025-61725) [CVE-2025-61723](https://nvd.nist.gov/vuln/detail/CVE-2025-61723) [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2025-47907](https://nvd.nist.gov/vuln/detail/CVE-2025-47907) [CVE-2025-4674](https://nvd.nist.gov/vuln/detail/CVE-2025-4674) | | **N/A** | **Security fixes for apigee-stackdriver-logging-agent.** This addresses the following vulnerabilities: [CVE-2025-61594](https://nvd.nist.gov/vuln/detail/CVE-2025-61594) [CVE-2025-24294](https://nvd.nist.gov/vuln/detail/CVE-2025-24294) | | **N/A** | **Security fixes for apigee-udca.** This addresses the following vulnerabilities: [CVE-2026-24051](https://nvd.nist.gov/vuln/detail/CVE-2026-24051) [CVE-2025-68121](https://nvd.nist.gov/vuln/detail/CVE-2025-68121) [CVE-2025-68119](https://nvd.nist.gov/vuln/detail/CVE-2025-68119) [CVE-2025-61732](https://nvd.nist.gov/vuln/detail/CVE-2025-61732) [CVE-2025-61731](https://nvd.nist.gov/vuln/detail/CVE-2025-61731) [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) [CVE-2025-61726](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) [CVE-2025-61725](https://nvd.nist.gov/vuln/detail/CVE-2025-61725) [CVE-2025-61723](https://nvd.nist.gov/vuln/detail/CVE-2025-61723) [CVE-2025-58188](https://nvd.nist.gov/vuln/detail/CVE-2025-58188) [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) [CVE-2025-47907](https://nvd.nist.gov/vuln/detail/CVE-2025-47907) | ## Fix Fixed #### Fixed in this release | Bug ID | Description | | ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **469694040** | **Fixed an issue where custom Java security policies were intermittently not applied during runtime pod restarts or environment contract updates, which could lead to "Permission denied" errors in Java callouts.** | ## Announcement Announcement ### hybrid v1.15.2 On March 11, 2026 we released an updated version of the Apigee hybrid software, v1.15.2. * For information on upgrading, see [Upgrading Apigee hybrid to version v1.15.2](https://cloud.google.com/apigee/docs/hybrid/v1.15/upgrade). * For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.15/big-picture). **Note:** This is a patch release: The container images used in patch releases are integrated with the Apigee hybrid Helm charts. Upgrading to a patch via the Helm chart automatically updates the images. No manual image changes are typically needed. For information on container image support in Apigee hybrid releases, see [Apigee release process](https://cloud.google.com/apigee/docs/release/apigee-release-process#apigee-hybrid-container-images).

What else is happening at Google Cloud Platform?

Google Cloud Platform logo

Datastream is now available in additional regions For the list of all available regions, see IP allowlists and regions

in 9 months

Share
Google Cloud Platform logo

The following images are now rolling out for managed Cloud Service Mesh

about 7 hours ago

Share
Google Cloud Platform logo

The CRIME_STATUS infoType detector is available in Preview. For more information about all infoTypes, see InfoType detector reference

about 7 hours ago

Share
Google Cloud Platform logo

The following images are now rolling out for managed Cloud Service Mesh

about 7 hours ago

Share
Google Cloud Platform logo

Security monitoring condition support in Advanced API Security for multi-gateway projects

1 day ago

Share
Google Cloud Platform logo

Managed OpenTelemetry for GKE is available in Preview for clusters running version 1.34.1-gke.2178000 or later

1 day ago

Share