Oracle Critical Patch Update July 2019: fixes 319 new security flaws
On July 16, 2019, Oracle officially released the July 2019 Critical Patch Update (CPU), security notices and third-party security bulletins and other announcements, and fixed 319 different levels of vulnerability.
“Oracle World San Francisco 2006”by stevegarfield is licensed under CC BY-NC-SA 2.0
A critical patch update is a collection of fixes for multiple security vulnerabilities. Critical patch updates are usually cumulative, but each time only describes the security fixes added since the last critical patch update advisory. Therefore, important update recommendations for previously released security patches should be reviewed for information on security fixes for earlier releases.
Vulnerability summary
| Product | Number of vulnerabilities | Unauthorized remote utilization | Highest CVSS score |
| Oracle Database server | 8 | 1 | 9.8 |
| Oracle Global Lifecycle Management | 1 | 0 | 7.2 |
| Oracle Berkeley DB | 5 | 0 | 7.0 |
| Oracle Communications Applications | 24 | 21 | 9.8 |
| Oracle Construction and Engineering Suite | 8 | 8 | 9.8 |
| Oracle E-Business Suite | 13 | 12 | 9.6 |
| Oracle Enterprise Manager Products Suite | 12 | 10 | 9.8 |
| Oracle Financial Services Applications | 60 | 50 | 9.8 |
| Oracle Food and Beverage Applications | 3 | 2 | 8.2 |
| Oracle Fusion Middleware | 33 | 28 | 9.8 |
| Oracle Hospitality Applications | 2 | 1 | 6.5 |
| Oracle Hyperion | 3 | 0 | 4.5 |
| Oracle Insurance Applications | 7 | 7 | 9.8 |
| Oracle Java SE | 10 | 9 | 6.8 |
| Oracle GraalVM | 2 | 1 | 7.7 |
| Oracle JD Edwards Products | 5 | 5 | 9.8 |
| Oracle MySQL | 45 | 4 | 9.8 |
| Oracle PeopleSoft Products | 8 | 5 | 7.5 |
| Oracle Retail Applications | 21 | 14 | 9.8 |
| Oracle Siebel CRM | 3 | 1 | 6.1 |
| Oracle Sun Systems Products Suite | 14 | 8 | 9.8 |
| Oracle Supply Chain Products Suite | 8 | 6 | 9.8 |
| Oracle Support Tools | 7 | 7 | 9.8 |
| Oracle Utilities Applications | 3 | 3 | 9.8 |
| Oracle Virtualization | 14 | 1 | 8.8 |
In view of the threat posed by successful attacks, Oracle strongly recommends that customers download and install critical patch update fixes as soon as possible.
