Thu. Dec 12th, 2019

Oracle Critical Patch Update July 2019: fixes 319 new security flaws

1 min read

On July 16, 2019, Oracle officially released the July 2019 Critical Patch Update (CPU), security notices and third-party security bulletins and other announcements, and fixed 319 different levels of vulnerability.

“Oracle World San Francisco 2006”by stevegarfield is licensed under CC BY-NC-SA 2.0

A critical patch update is a collection of fixes for multiple security vulnerabilities. Critical patch updates are usually cumulative, but each time only describes the security fixes added since the last critical patch update advisory. Therefore, important update recommendations for previously released security patches should be reviewed for information on security fixes for earlier releases.

Vulnerability summary

Product Number of vulnerabilities Unauthorized remote utilization Highest CVSS score
Oracle Database server 8 1 9.8
Oracle Global Lifecycle Management 1 0 7.2
Oracle Berkeley DB 5 0 7.0
Oracle Communications Applications 24 21 9.8
Oracle Construction and Engineering Suite 8 8 9.8
Oracle E-Business Suite 13 12 9.6
Oracle Enterprise Manager Products Suite 12 10 9.8
Oracle Financial Services Applications 60 50 9.8
Oracle Food and Beverage Applications 3 2 8.2
Oracle Fusion Middleware 33 28 9.8
Oracle Hospitality Applications 2 1 6.5
Oracle Hyperion 3 0 4.5
Oracle Insurance Applications 7 7 9.8
Oracle Java SE 10 9 6.8
Oracle GraalVM 2 1 7.7
Oracle JD Edwards Products 5 5 9.8
Oracle MySQL 45 4 9.8
Oracle PeopleSoft Products 8 5 7.5
Oracle Retail Applications 21 14 9.8
Oracle Siebel CRM 3 1 6.1
Oracle Sun Systems Products Suite 14 8 9.8
Oracle Supply Chain Products Suite 8 6 9.8
Oracle Support Tools 7 7 9.8
Oracle Utilities Applications 3 3 9.8
Oracle Virtualization 14 1 8.8

In view of the threat posed by successful attacks, Oracle strongly recommends that customers download and install critical patch update fixes as soon as possible.