Oracle released 441 new security patches as part of its April 2024 Critical Patch Update, with over 200 addressing vulnerabilities exploitable by remote, unauthenticated attackers. SecurityWeek identified approximately 230 unique CVEs, with more than 30 patches targeting critical-severity flaws. The patches cover a wide range of Oracle products, including Communications, Fusion Middleware, Financial Services Applications, and E-Business Suite, among others. Additionally, patches were issued for MySQL, Java SE, Virtualization, and various other applications. Oracle advises customers to apply the patches promptly to mitigate potential risks, emphasizing the importance of staying on actively-supported versions and applying Critical Patch Update security patches without delay. In addition, Oracle released security patches for third-party components in Solaris, Oracle Linux, and Oracle VM Server for x86.

Read more: https://www.securityweek.com/oracle-patches-230-vulnerabilities-with-april-2024-cpu/