Oracle rings in the new year with its first Critical Patch Update of 2020 addressing 255 CVEs across 334 security patches, including critical vulnerabilities in Oracle WebLogic Server.

On January 14, Oracle released its Critical Patch Update (CPU) for January 2020 as part of its quarterly release of security patches. This update contains fixes for 255 CVEs in 334 patches across multiple Oracle products.

This quarter’s CPU included 43 critical vulnerabilities across 25 unique CVEs, 41 of which can be remotely exploited without authentication. The most widely patched product families include Oracle Enterprise Manager (50 patches), Oracle Fusion Middleware (38 patches), Oracle Communications Applications (25 patches), Oracle E-Business Suite (23 patches) and Oracle MySQL (19 patches). Here we describe in more detail some of the critically scored CVEs.

For a detailed look at Oracle's January 2020 CPU, please check out our blog.