On 20 October 2020 Oracle released their Critical Patch Update (CPU) containing 402 new security vulnerabilities across multiple product families, including:
- Oracle Database Server
- Oracle MySQL
- Oracle Big Data Graph
- Oracle REST Data Services
- Oracle TimesTen In-Memory Database
- Oracle Communications Applications
- Oracle Communications
- Oracle Construction and Engineering
- Oracle E-Business Suite
- Oracle Enterprise Manager
- Oracle Financial Services Applications
- Oracle Food and Beverage Applications
- Oracle Fusion Middleware
- Oracle GraalVM
- Oracle Health Sciences Applications
- Oracle Hospitality Applications
- Oracle Hyperion
- Oracle Insurance Applications
- Oracle Java SE,
- Oracle PeopleSoft
- Oracle Policy Automation
- Oracle Retail Applications
- Oracle Siebel CRM
- Oracle Supply Chain
- Oracle Systems
- Oracle Utilities Applications
- Oracle Virtualization
Please refer to the Advisory located at https://oracle.com/security-alerts/cpuoct2020.html for detailed information about the vulnerabilities fixed in this Critical Patch Update as well as for patch download information.
OSSA (Oracle Software Security Assurance) located at https://www.oracle.com/corporate/security-practices/assurance
Vulnerabilities in third-party components included with Oracle products are explained at https://www.oracle.com/security-alerts/thirdpartycomponents.html.