CVE-2016-3425 Affects the component JAXP. Airlock WAF is using JAXP for XML configuration parsing and is not affected because configuration files are only accepted from trusted sources.
CVE-2016-3427 Affected component JMX is not used by Airlock WAF.
CVE-2016-0695 Affects DSA (Digital Signature Algorithm) usage with an improper Keysize. Airlock WAF is using the correct Keysize for all DSA applications and is therefore not affected.