High Threat Security Alert (A22-04-20): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2022)
20 April 2022
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products. The list of security updates can be found at:
Reports indicate that the remote code execution vulnerabilities (CVE-2022-22963 and CVE-2022-22965) are at high risk of exploitation. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.
Oracle Java SE
Oracle Linux and Virtualization
Oracle MySQL Product Suite
Oracle and Sun Systems Products Suite
Fusion Applications and Middleware
A complete list of the affected products can be found at:
Depending on the vulnerability exploited, a successful attack could lead to remote code execution, data tampering, denial of service, information disclosure or security restriction bypass on an affected system.
Patches for affected systems are available. Users of the affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
For Oracle Java SE products, please refer to the following link: