Oracle Critical Patch Update for April 2022 Contains Fixes For 221 CVEs

On April 19, Oracle released its Critical Patch Update for April 2022, the second update for the year as part of its quarterly update release cycle. This quarterly release contains fixes for 221 CVEs in 520 security patches across a variety of Oracle products.

In this release, Oracle addressed 27 critical rated CVEs, 69 high rated CVEs, 114 medium rated CVEs and 11 low rated CVEs. Some notable vulnerabilities this quarter include vulnerabilities in the Oracle Communications products, as well as CVE-2022-21449, a cryptographic signature vulnerability in Java 15, 16, 17 and 18.

For more information about the vulnerabilities in this quarterly release, including the availability of patches and Tenable product coverage, please visit our blog.