以下各節說明 Apigee Edge 和 Edge for Private Cloud 的已知問題。在大多數情況下,我們會在日後推出的版本中修正所列問題。
Miscellaneous Edge known issues
The following sections describe miscellaneous known issues with Edge.
Area/Summary
Known issues
Cache expire results in incorrect cachehit value
When the cachehit flow variable is used after the
LookupCache policy, due to the way debug points are dispatched for
asynchronous behavior, the LookupPolicy populates the DebugInfo object
before the call back has executed, resulting in an error.
Workaround: Repeat the process (make second call) again right
after the first call.
Setting InvalidateCache Policy
PurgeChildEntries to true does not work correctly
Setting PurgeChildEntries in the
InvalidateCache policy should purge the KeyFragment element values only but
clears the entire cache.
Workaround: Use the
KeyValueMapOperations policy
to iterate cache versioning and bypass the need for cache invalidation.
Concurrent deployment requests for a SharedFlow or API proxy
can result in an inconsistent state in the Management Server
where multiple revisions are shown as deployed.
This can happen,
for example, when concurrent runs of a CI/CD deployment pipeline
occur using different revisions. To avoid this problem, avoid
deploying API proxies or SharedFlows before the current
deployment is complete.
Workaround: Avoid concurrent API proxy or SharedFlow deployments.
API call counts shown in
Edge API Analytics might contain
duplicate data.
Edge API Analytics can sometimes contain duplicate data for API calls. In that case the counts shown for
API calls in Edge API Analytics are higher than the comparable values shown in third-party analytics tools.
For example, the following features from the OpenAPI Specification 3.0 are not yet supported:
allOf properties for combining and extending schemas
Remote references
If an unsupported feature is referenced in your OpenAPI Specification, in some cases the tools will ignore the feature but still
render the API reference documentation. In other cases, an unsupported feature will cause errors that prevent the successful rendering
of the API reference documentation. In either case, you will need to modify your OpenAPI Specification to avoid use of the unsupported
feature until it is supported in a future release.
Note: Because the spec editor is less restrictive than SmartDocs when rendering API reference documentation,
you may experience different results between the tools.
When using Try this API in the portal, the Accept header is set to application/json regardless of the value set for consumes in the OpenAPI Specification.
Single logout (SLO) with the SAML identity provider is not supported for custom domains. To enable a custom domain with a SAML identity provider, leave
the Sign-out URL field blank
when you configure SAML settings.
Portal admin
Simultaneous portal updates (such as page, theme, CSS, or script edits) by multiple users is not supported at this time.
If you delete an API reference documentation page from the portal, there is no way to recreate it; you'll need to delete and re-add
the API product, and regenerate the API reference documentation.
在預設出貨設定中,Apigee Edge for Private Cloud「不會」受到這項安全漏洞影響。CVE-2026-42945 的可利用性取決於特定的 NGINX 設定模式,特別是在特定序列中使用 rewrite 指令。任何標準的 Apigee Edge for Private Cloud NGINX 設定中,都不會出現這些模式。
敬請採取行動:
預設 Apigee Edge for Private Cloud 設定:不需要修補程式、升級或作業變更。對於預設安裝,掃描器發現的 CVE-2026-42945 相關問題可視為誤報。您可以在安全漏洞管理系統中使用下列文字,記錄這項例外狀況:
CVE-2026-42945 — Accepted exception (false positive for Apigee Edge for Private Cloud). Apigee Edge for Private Cloud does not use the rewrite directive in any shipped NGINX configuration. The vulnerable code path in ngx_http_rewrite_module is configuration-gated and is not reachable in the default Apigee Edge for Private Cloud deployment.