The Oracle Critical Patch Update for October 2018 includes updates for Java SE [1] that fix several vulnerabilities.
Airlock WAF uses Java in the Configuration Center and in several add-on modules. In particular, Airlock Login on WAF runs on Java.
Airlock Login/IAM relies on a separately installed Java environment. This Java runtime environment is maintained by the system administrator.
Airlock WAF and Login/IAM are not affected.
Details:
General Advice: We strongly recommend to update all client deployments of Java and uninstalling Java from clients where it is not needed.