Enterprise software giant Oracle has released its April Critical Patch Update (CPU) advisory, which includes 520 fixes for security flaws.
Critical Patch Updates are collections of security fixes for Oracle products, published quarterly. This update addresses security flaws in dozens of products with three bugs getting a severity rating of 10 out of a possible 10, and about 70 with a score of 9.8.
Oracle notes that customers should update their software as soon as they can, as it continues to receive reports periodically of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches: “In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.”
Oracle Communications Cloud Native Core Network Exposure Function has two bugs with a score of 10, both tracked as CVE-2022-22947, and 31 bugs with a score of 9.8, while Oracle Communications Billing and Revenue Management is affected by one flaw