There have been massive security updates issued in the past, but Oracle’s latest release may have set a record containing 397 security patches containing 450 CVE spread over more than 100 products.
Oracle’s update matrix does make it easy to discern how the various vulnerabilities are ranked, but Tenable did offer an overview of how the patches break down. Sixty-six, or 16.6 percent, of the total were rated critical; 180, or 45 percent, were rated high; 134, or 33.8, percent rated medium, and 17, or 4.3 were called low priority.
Tenable noted Oracle E-Business Suite, Oracle Fusion Middleware and Oracle MySQL were the top three affected products receiving, respectively, 74, 51 and 45 patches.
The update, which is done quarterly by Oracle, is large even by the company’s standards which saw it cover 218 vulnerabilities in October 2019. By comparison Microsoft’s April Patch Tuesday offering contained 113 vulnerabilities with 19 critical issues patched.
Oracle has supplied links to the software updates and recommends the patches be applied as soon as possible.