Security News > 2021 > January > Oracle's January 2021 CPU Contains 329 New Security Patches
Oracle this week announced the availability of its first cumulative set of security fixes for 2021, which includes a total of 329 new patches.
The January 2021 Critical Patch Update addresses issues in both Oracle products and third-party components that are included in the company's products, with some of the patches meant to address multiple vulnerabilities, some reported more than a year ago.
The January 2021 CPU also includes fixes for CVE-2020-14750, an exploited vulnerability in WebLogic Server, which Oracle addressed with the release of an out-of-band update on November 1, 2020.
Oracle's quarterly collection of patches brings fixes for more than 20 products across the tech giant's portfolio, with Fusion Middleware being affected the most: it received 60 patches, with 47 of the resolved vulnerabilities being remotely exploitable, without authentication.
Retail Applications, with 32 patches and 20 vulnerabilities that can be exploited remotely without authentication, and E-Business Suite, with 31 fixes and 29 bugs remotely exploitable by unauthenticated attackers, round up the top five most impacted products.
Oracle's next set of quarterly patches will be released on April 20, 2021.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-02 | CVE-2020-14750 | Unspecified vulnerability in Oracle Fusion Middleware Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 7.5 |