The Oracle Critical Patch Update for January 2019 includes updates for Java SE [1] that fix several vulnerabilities.
Airlock WAF uses Java in the Configuration Center and in several add-on modules. In particular, Airlock Login on WAF runs on Java.
Airlock Login/IAM before version 7.0 relies on a separately installed Java environment and the Java runtime environment is maintained by the system administrator.
Airlock WAF and Login/IAM are not affected.
Details:
General Advice: We strongly recommend to update all client deployments of Java and uninstalling Java from clients where it is not needed.