Oracle Critical Patch Update Advisory - January 2020
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added
since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be
reviewed for information regarding earlier published security patches. Please refer to:
Critical Patch Updates, Security Alerts and Bulletins for information about Oracle Security Advisories.
Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities
for which Oracle has already released security patches. In some instances, it has been reported that attackers have
been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore
strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update
security patches without delay.
This Critical Patch Update contains 334 new security patches across the product families
listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle
Software Security Assurance activities is located at
January 2020 Critical Patch Update: Executive Summary and Analysis.