Oracle releases Critical Patch Update Advisory – January 2019: fix 284 security bugs
On January 15, 2019, Oracle officially released the January 2019 Critical Patch Update (CPU), security notices and third-party security bulletins and other announcements, and fixed 284 different levels of vulnerability. See the appendix table for the impact of each product and the availability of patches.
Vulnerability summary
Product | Number of vulnerabilities | Unauthorized remote utilization | Highest CVSS score |
Oracle Database server | 3 | 0 | 8.2 |
Oracle Communications Applications | 33 | 29 | 9.8 |
Oracle Constructions and Engineering Suite | 4 | 4 | 9.8 |
Oracle E-Business Suite | 16 | 16 | 9.1 |
Oracle Enterprise Manager Products Suite | 11 | 9 | 9.8 |
Oracle Financial Services Applications | 9 | 9 | 9.8 |
Oracle Food and Beverage Applications | 6 | 3 | 8.1 |
Oracle Fusion Middleware | 62 | 57 | 9.8 |
Oracle Health Sciences Applications | 6 | 2 | 8.8 |
Oracle Hospitality Applications | 5 | 0 | 7.8 |
Oracle Hyperion | 1 | 0 | 4.3 |
Oracle Insurance Applications | 5 | 3 | 8.8 |
Oracle Java SE | 5 | 5 | 6.1 |
Oracle JD Edwards | 2 | 2 | 9.8 |
Oracle MySQL | 30 | 3 | 9.1 |
Oracle PeopleSoft Products | 20 | 15 | 8.8 |
Oracle Retail Applications | 16 | 15 | 9.8 |
Oracle Siebel CRM | 1 | 1 | 9.8 |
Oracle Sun Systems Products | 11 | 5 | 9.8 |
Oracle Supply Chain Products Suite | 5 | 4 | 9.8 |
Oracle Support Tools | 1 | 1 | 7.5 |
Oracle Utilities Applications | 2 | 2 | 9.8 |
Oracle Virtualization | 30 | 4 | 8.8 |
Oracle strongly recommends that customers download and install critical patch update fixes as soon as possible.