Oracle Family January 2025 Security Update Advisory
Overview
Oracle(https://www.oracle.com) has released a security update that addresses a vulnerability in its supplied products. Users of affected systems are advised to update to the latest version.
Affected Products
[Oracle Analytics Desktop product family]
Oracle Analytics Desktop 8.1.0 or below
[Oracle BI Publisher product family]
Oracle BI Publisher 7.0.0.0.0.0 versions
Oracle BI Publisher 7.6.0.0.0.0 version
[Oracle Business Intelligence Enterprise Edition product family] Oracle Business Intelligence Enterprise Edition 12.2.1.4.0
Oracle Business Intelligence Enterprise Edition 12.2.1.4.0 version
Oracle Business Intelligence Enterprise Edition 7.0.0.0.0.0 version
Oracle Business Intelligence Enterprise Edition 7.6.0.0.0.0 version
[Oracle Application Express product family]
Oracle Application Express version 23.2
Oracle Application Express version 24.1
[Oracle Big Data Spatial and Graph product family] Oracle Big Data Spatial and Graph 3.07 version
Oracle Big Data Spatial and Graph 3.07 version
[Oracle Blockchain Platform product family]
Oracle Blockchain Platform 21.1.2 version
Oracle Blockchain Platform 24.1.3 version
[Oracle Commerce Guided Search family] Oracle Commerce Guided Search 11.3.2 version
Oracle Commerce Guided Search 11.3.2 version
[Oracle Communications Cloud Native Core Automated Test Suite product family]
Oracle Communications Cloud Native Core Automated Test Suite version 24.2.0 [Oracle Communications Cloud Native Core Automated Test Suite family
[Oracle Communications Cloud Native Core Binding Support Function Suite] Oracle Communications Cloud Native Core Automated Test Suite 24.2.0 version
Oracle Communications Cloud Native Core Binding Support Function Version 24.2.0 [Oracle Communications Cloud Native Core Binding Support Function Suite
Oracle Communications Cloud Native Core Binding Support Function 24.2.1 Version
[Oracle Communications Cloud Native Core Certificate Management Suite] [Oracle Communications Cloud Native Core Certificate Management Suite]
Oracle Communications Cloud Native Core Certificate Management version 24.2.1
[Oracle Communications Cloud Native Core Console Suite] Oracle Communications Cloud Native Core Certificate Management 24.2.1 Version
Oracle Communications Cloud Native Core Console version 24.2.1
[Oracle Communications Cloud Native Core DBTier Suite] Oracle Communications Cloud Native Core Certificate Management
Oracle Communications Cloud Native Core DBTier Version 24.3.0 [Oracle Communications Cloud Native Core DBTier Family
[Oracle Communications Cloud Native Core Network Function Cloud Native Environment Suite] Oracle Communications Cloud Native Core Network Function Cloud Native Environment Suite
Oracle Communications Cloud Native Core Network Function Cloud Native Environment Version 24.2.0 [Oracle Communications Cloud Native Core Network Function Cloud Native Environment Family
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 24.3.0 version
[Oracle Communications Cloud Native Core Network Repository Function Family]
Oracle Communications Cloud Native Core Network Repository Function 24.2.2 version
[Oracle Communications Cloud Native Core Policy Suite] Oracle Communications Cloud Native Core Policy Suite
Oracle Communications Cloud Native Core Policy versions 24.2.0-24.2.2
[Oracle Communications Cloud Native Core Security Edge Protection Proxy Suite] [Oracle Communications Cloud Native Core Security Edge Protection Proxy Suite]
Oracle Communications Cloud Native Core Security Edge Protection Proxy Version 23.4.0 [Oracle Communications Cloud Native Core Security Edge Protection Proxy Family
Oracle Communications Cloud Native Core Security Edge Protection Proxy version 24.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 24.2.1 version
Oracle Communications Cloud Native Core Security Edge Protection Proxy 24.2.2 version
[Oracle Communications Cloud Native Core Service Communication Proxy family] [Oracle Communications Cloud Native Core Service Communication Proxy family]
Oracle Communications Cloud Native Core Service Communication Proxy Version 24.2.0 [Oracle Communications Cloud Native Core Service Communication Proxy Family
Oracle Communications Cloud Native Core Service Communication Proxy 24.3.0 version
[Oracle Communications Cloud Native Core Unified Data Repository Family] Oracle Communications Cloud Native Core Unified Data Repository Family
Oracle Communications Cloud Native Core Unified Data Repository 23.4.4 Version
Oracle Communications Cloud Native Core Unified Data Repository 24.1.1 Version
Oracle Communications Cloud Native Core Unified Data Repository 24.2.2 version
Oracle Communications Cloud Native Core Unified Data Repository 24.2.3 version
Oracle Communications Cloud Native Core Unified Data Repository 24.3.0 version
[Oracle Communications Converged Application Server product family]
Oracle Communications Converged Application Server 8.0 version
Oracle Communications Converged Application Server 8.1 version
[Oracle Communications Diameter Signaling Router family] Oracle Communications Diameter Signaling Router 8.2.3.2
Oracle Communications Diameter Signaling Router 8.2.3.0.0 version
Oracle Communications Diameter Signaling Router 8.6.0.4.0 version
Oracle Communications Diameter Signaling Router 9.0 versions
Oracle Communications Diameter Signaling Router 9.0.0.0.0.0 version
Oracle Communications Diameter Signaling Router 9.0.0.0.0.0-9.0.2.0.0 versions
[Oracle Communications EAGLE Element Management System family of products]
Oracle Communications EAGLE Element Management System 47.0.0.0.0.0 version
[Oracle Communications Network Analytics Data Director Family] Oracle Communications EAGLE Element Management System 47.0.0.0.0
Oracle Communications Network Analytics Data Director 24.1.0 version
Oracle Communications Network Analytics Data Director 24.2.0 version
[Oracle Communications Operations Monitor product family] Oracle Communications Operations Monitor 5.1 version
Oracle Communications Operations Monitor 5.1 version
Oracle Communications Operations Monitor 5.2 version
[Oracle Communications Policy Management product family]
Oracle Communications Policy Management 15.0.0.0.0.0 version
[Oracle Communications Session Border Controller product family] Oracle Communications Session Border Controller 9.2.0 version
Oracle Communications Session Border Controller 9.2.0 version
Oracle Communications Session Border Controller 9.3.0 version
[Oracle Communications User Data Repository product family] Oracle Communications User Data Repository 12.0.0 version
Oracle Communications User Data Repository 12.11 version
Oracle Communications User Data Repository 14.0 version
Oracle Communications User Data Repository 15.0 version
[Oracle Enterprise Communications Broker product family] Oracle Enterprise Communications Broker 4.0 version
Oracle Enterprise Communications Broker 4.1.0 version
Oracle Enterprise Communications Broker 4.2.0 version
[Oracle Enterprise Session Border Controller family] Oracle Enterprise Session Border Controller 9.2.0 version
Oracle Enterprise Session Border Controller 9.2.0 version
Oracle Enterprise Session Border Controller 9.3.0 version
[Oracle SD-WAN Edge product family] Oracle Enterprise Session Border Controller 9.3.0 version
Oracle SD-WAN Edge 9.1.1.0-9.1.1.8 versions
Oracle SD-WAN Edge 9.1.1.5-9.1.1.8 versions
Oracle SD-WAN Edge 9.1.1.5-9.1.1.9 versions
[Oracle Communications BRM – Elastic Charging Engine Suite]
Oracle Communications BRM – Elastic Charging Engine 12.0.0.4-12.0.0.8 versions
Oracle Communications BRM – Elastic Charging Engine 15.0.0.0 versions
Oracle Communications BRM – Elastic Charging Engine 15.0.1.0 version
[Oracle Communications Billing and Revenue Management Suite]
Oracle Communications Billing and Revenue Management 12.0.0.4-12.0.0.8 versions
Oracle Communications Billing and Revenue Management 15.0.0.0-15.0.0.1 versions
[Oracle Communications Convergence product family]
Oracle Communications Convergence 3.0.2.0.0.0 version
Oracle Communications Convergence 3.0.3.0.0.0 versions
Oracle Communications Convergence 3.0.3.3.0 version
[Oracle Communications Messaging Server product family] Oracle Communications Messaging Server 8.0.3.0.0
Oracle Communications Messaging Server 8.1.0.26 version
[Oracle Communications Offline Mediation Controller product family] Oracle Communications Offline Mediation Controller 12.0.0.0.0
Oracle Communications Offline Mediation Controller 12.0.0.8 version
Oracle Communications Offline Mediation Controller 15.0.0.0 version
Oracle Communications Offline Mediation Controller 15.0.1.0 version
[Oracle Communications Order and Service Management Suite] Oracle Communications Order and Service Management 7.0.1.0 version
Oracle Communications Order and Service Management 7.4.0 version
Oracle Communications Order and Service Management 7.4.1 version
Oracle Communications Order and Service Management 7.5.0 version
[Oracle Communications Service Catalog and Design Suite] Oracle Communications Service Catalog and Design 8.0.1 version
Oracle Communications Service Catalog and Design 8.0.0.3 version
Oracle Communications Service Catalog and Design 8.1.0.1 version
[Oracle Communications Unified Assurance Suite] Oracle Communications Service Catalog and Design 8.1.0.1 version
Oracle Communications Unified Assurance 6.0.0-6.0.5 versions
Oracle Communications Unified Assurance 6.0.1-6.0.5 versions
Oracle Communications Unified Assurance 6.0.4-6.0.5 versions
[Oracle Communications Unified Inventory Management product family]
Oracle Communications Unified Inventory Management 7.4.1 version
Oracle Communications Unified Inventory Management 7.4.2 version
Oracle Communications Unified Inventory Management 7.5.1 version
Oracle Communications Unified Inventory Management 7.6.0 version
[Primavera Gateway product family]
Primavera Gateway 20.12.0-20.12.15 versions
Primavera Gateway 21.12.0-21.12.13 versions
[Primavera P6 Enterprise Project Portfolio Management product family]
Primavera P6 Enterprise Project Portfolio Management 20.12.1.0-20.12.21.5 versions
Primavera P6 Enterprise Project Portfolio Management 21.12.1.0-21.12.20.0 versions
Primavera P6 Enterprise Project Portfolio Management 22.12.1.0 version
Primavera P6 Enterprise Project Portfolio Management 22.12.1.0-22.12.16.0 versions
Primavera P6 Enterprise Project Portfolio Management 23.12.1.0-23.12.10.0 versions
[Primavera Unifier product family]
Primavera Unifier 20.12.0-20.12.16 versions
Primavera Unifier 21.12.0-21.12.17 versions
Primavera Unifier 22.12.0-22.12.15 versions
Primavera Unifier 23.12.0-23.12.12 versions
Primavera Unifier 24.12.0 versions
[Database Migration Assistant for Unicode product family] [Database Migration Assistant for Unicode product family]
Database Migration Assistant for Unicode 19.1 version
[Oracle Database Server product family]
Oracle Database Server 19.3-19.25 versions
Oracle Database Server 21.3-21.16 versions
Oracle Database Server 21.4-21.16 versions
Oracle Database Server 23.4-23.6 versions
Oracle Database Server 23.5-23.6 versions
[Oracle Graal Development Kit for Micronaut product family]
Oracle Graal Development Kit for Micronaut 23.5-23.6 versions
[Oracle Advanced Outbound Telephony Suite] [Oracle Advanced Outbound Telephony Suite
Oracle Advanced Outbound Telephony 12.2.3-12.2.10 versions
[Oracle Customer Care product family]
Oracle Customer Care 12.2.5-12.2.13 versions
[Oracle Project Foundation product family]
Oracle Project Foundation 12.2.3-12.2.13 versions
[Oracle Workflow product family]
Oracle Workflow 12.2.3-12.2.14 versions
[Enterprise Manager for MySQL Database product family] [Enterprise Manager for MySQL Database product family]
Enterprise Manager for MySQL Database 13.5.2.0.0.0 version
[Oracle Application Testing Suite product family]
Oracle Application Testing Suite 13.3.0.1 version
[Oracle Enterprise Manager Base Platform family] Oracle Application Testing Suite 13.3.0.1 version
Oracle Enterprise Manager Base Platform Version 13.5.0.0 [Oracle Enterprise Manager Base Platform Family
[Oracle Essbase product family]
Oracle Essbase 21.7 version
[Oracle Banking Corporate Lending Process Management product family] Oracle Banking Corporate Lending Process Management 14.4.0.0.0.0
Oracle Banking Corporate Lending Process Management 14.4.0.0.0-14.7.0.0.0 versions
[Oracle Banking Liquidity Management Suite] Oracle Banking Liquidity Management 14.4.0.0.0-14.7.0.0.0
Oracle Banking Liquidity Management 14.7.5.0.0.0 versions
[Oracle Banking Origination product family] Oracle Banking Origination 14.7.5.0.0
Oracle Banking Origination 14.5.0.0.0.0-14.7.0.0.0 versions
[Oracle Financial Services Analytical Applications Infrastructure product family] Oracle Banking Origination 14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.7.8 version
Oracle Financial Services Analytical Applications Infrastructure 8.0.8.6 version
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.5 version
[Oracle Financial Services Behavior Detection Platform product family]
Oracle Financial Services Behavior Detection Platform 8.0.8.1 version
Oracle Financial Services Behavior Detection Platform 8.1.2.7 version
Oracle Financial Services Behavior Detection Platform 8.1.2.8 version
[Oracle Financial Services Compliance Studio Suite] Oracle Financial Services Behavior Detection Platform 8.1.2.8 Version
Oracle Financial Services Compliance Studio 8.1.2.5 version
Oracle Financial Services Compliance Studio 8.1.2.6 version
[Oracle Financial Services Enterprise Case Management product family]
Oracle Financial Services Enterprise Case Management 8.0.8.2 version
Oracle Financial Services Enterprise Case Management 8.1.2.7 version
Oracle Financial Services Enterprise Case Management 8.1.2.8 version
[Oracle Financial Services Model Management and Governance Suite] Oracle Financial Services Model Management and Governance Suite
Oracle Financial Services Model Management and Governance 8.1.2.6 version
Oracle Financial Services Model Management and Governance 8.1.2.7 Version
Oracle Financial Services Model Management and Governance 8.1.3.0 version
[Oracle Financial Services Regulatory Reporting Suite] Oracle Financial Services Regulatory Reporting Suite
Oracle Financial Services Regulatory Reporting 8.1.2.7 version
Oracle Financial Services Regulatory Reporting 8.1.2.8 version
[Oracle Financial Services Revenue Management and Billing product family]
Oracle Financial Services Revenue Management and Billing 2.9.0.0.0-7.0.0.0.0.0 version
[Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition product family] Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition product family
Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition 8.0.8 version
[Oracle Business Activity Monitoring family] Oracle Business Activity Monitoring 12.0.8 version
Oracle Business Activity Monitoring 12.2.1.4.0 version
[Oracle Business Process Management Suite family] Oracle Business Process Management Suite 12.2.1.4.0 version
Oracle Business Process Management Suite 12.2.1.4.0 version
[Oracle Coherence product family]
Oracle Coherence 12.2.1.4.0 version
Oracle Coherence 14.1.1.0.0.0 version
[Oracle Fusion Middleware MapViewer product family] Oracle Fusion Middleware MapViewer 12.1.1.0.0 version
Oracle Fusion Middleware MapViewer 12.2.1.4.0 version
[Oracle HTTP Server product family]
Oracle HTTP Server 12.2.1.4.0 version
[Oracle Identity Manager product family]
Oracle Identity Manager 12.2.1.4.0 version
[Oracle Managed File Transfer product family] Oracle Managed File Transfer 12.2.1.4.0 version
Oracle Managed File Transfer 12.2.1.4.0 version
[Oracle Middleware Common Libraries and Tools product family] Oracle Managed File Transfer 12.2.1.4.0 version
Oracle Middleware Common Libraries and Tools 12.2.1.4.0 version
[Oracle Outside In Technology family] Oracle Middleware Common Libraries and Tools 12.2.1.4.0 version
Oracle Outside In Technology 8.5.7 version
[Oracle Security Service Suite]
Oracle Security Service 12.2.1.4.0 version
[Oracle WebCenter Portal product family]
Oracle WebCenter Portal 12.2.1.4.0 version
[Oracle WebLogic Server family] Oracle WebLogic Server 12.2.1.4.0 version
Oracle WebLogic Server 12.2.1.4.0 version
Oracle WebLogic Server 14.1.1.0.0 version
Oracle WebLogic Server 14.1.2.0.0 version
[Oracle GoldenGate product family]
Oracle GoldenGate 19.1.0.0.0.0-19.25.0.0.241015 versions
Oracle GoldenGate 21.3-21.16 versions
Oracle GoldenGate 23.4-23.6 versions
[Oracle GoldenGate Big Data and Application Adapters product family]
Oracle GoldenGate Big Data and Application Adapters 19.1.0.0.0.0-19.1.0.0.18 versions
Oracle GoldenGate Big Data and Application Adapters 21.3.0.0.0-21.16.0.0.0 versions
Oracle GoldenGate Big Data and Application Adapters 23.4-23.6 versions
[Oracle GoldenGate Studio product family]
Oracle GoldenGate Studio 12.2.0.4.0 version
[Oracle GoldenGate Veridata Family] Oracle GoldenGate Veridata Suite
Oracle GoldenGate Veridata 12.2.1.4.0-12.2.1.4.240430 versions
[Graph Server and Client product family]
Graph Server and Client 23.4.4 version
Graph Server and Client 24.4.0 version
[Oracle Life Sciences Argus Safety product family] Oracle Life Sciences Argus Safety 8.2.3 version
Oracle Life Sciences Argus Safety 8.2.3 version
[Oracle Life Sciences Empirica Signal product family] [Oracle Life Sciences Empirica Signal product family
Oracle Life Sciences Empirica Signal 9.2.3 or below
[Oracle Hospitality OPERA 5 Family] Oracle Hospitality OPERA 5 5.2.3 or earlier
Oracle Hospitality OPERA 5 5.6.19.20 Version
Oracle Hospitality OPERA 5 5.6.25.8 version
Oracle Hospitality OPERA 5 5.6.26.6 version
Oracle Hospitality OPERA 5 5.6.27.1 version
[Oracle Hyperion Data Relationship Management Suite] Oracle Hospitality OPERA 5 5.6.27.1 version
Oracle Hyperion Data Relationship Management 11.2.19.0.000 version
[Oracle Documaker product family]
Oracle Documaker 12.7.1 version
Oracle Documaker 12.7.2 version
Oracle Documaker 13.0.0 version
[JD Edwards EnterpriseOne Orchestrator product family]
JD Edwards EnterpriseOne Orchestrator 9.2.9.0 or below
JD Edwards EnterpriseOne Orchestrator 9.2.9.2 or below
[JD Edwards EnterpriseOne Tools product family]
JD Edwards EnterpriseOne Tools 9.2.9.0 or below
JD Edwards EnterpriseOne Tools 9.2.9.2 or below
[Oracle Java SE product family]
Oracle Java SE Oracle GraalVM Enterprise Edition:20.3.16 version
Oracle Java SE Oracle GraalVM Enterprise Edition:21.3.12 version
Oracle Java SE Oracle GraalVM for JDK:17.0.13 version
Oracle Java SE Oracle GraalVM for JDK:21.0.5 version
Oracle Java SE Oracle GraalVM for JDK:23.0.1 version
Oracle Java SE Oracle Java SE:11.0.25 version
Oracle Java SE Oracle Java SE:17.0.13 version
Oracle Java SE Oracle Java SE:21.0.5 version
Oracle Java SE Oracle Java SE:23.0.1 version
Oracle Java SE Oracle Java SE:8u431 version
Oracle Java SE Oracle Java SE:8u431-perf version
[MySQL Cluster product family]
MySQL Cluster 7.6.32 and below
MySQL Cluster 8.0.40 and below
MySQL Cluster 8.4.3 and earlier
MySQL Cluster 9.1.0 and earlier
[MySQL Connectors family] [MySQL Connectors
MySQL Connectors 9.1.0 and earlier
[MySQL Enterprise Backup Suite]
MySQL Enterprise Backup 8.0.40 and earlier
MySQL Enterprise Backup 8.4.3 and earlier
MySQL Enterprise Backup 9.1.0 and earlier
[MySQL Enterprise Firewall product family]
MySQL Enterprise Firewall 8.0.40 and earlier
MySQL Enterprise Firewall 8.4.3 and earlier
MySQL Enterprise Firewall 9.1.0 and earlier
[MySQL Server Family]
MySQL Server 8.0.36 and earlier
MySQL Server 8.0.39 and earlier
MySQL Server 8.0.40 and earlier
MySQL Server 8.4.0 Versions
MySQL Server 8.4.2 and earlier
MySQL Server 8.4.3 and earlier
MySQL Server 9.0.1 and earlier
MySQL Server 9.1.0 and earlier
[MySQL Shell family] [MySQL Shell
MySQL Shell 8.0.40 and earlier
MySQL Shell 8.4.3 and earlier
MySQL Shell 9.1.0 and earlier
[PeopleSoft Enterprise CC Common Application Objects product family]
PeopleSoft Enterprise CC Common Application Objects version 9.2
[PeopleSoft Enterprise FIN Cash Management product family] [PeopleSoft Enterprise FIN Cash Management 9.2 version
PeopleSoft Enterprise FIN Cash Management Version 9.2
[PeopleSoft Enterprise FIN eSettlements product family]
PeopleSoft Enterprise FIN eSettlements Version 9.2
[PeopleSoft Enterprise PeopleTools product family]
PeopleSoft Enterprise PeopleTools Version 8.60
PeopleSoft Enterprise PeopleTools 8.61 version
[PeopleSoft Enterprise SCM Purchasing family of products]
PeopleSoft Enterprise SCM Purchasing version 9.2 [PeopleSoft Enterprise SCM Purchasing family
[Oracle Policy Automation product family]
Oracle Policy Automation 12.2.18-12.2.36 versions
[Oracle REST Data Services product family] Oracle REST Data Services 23.3.0.28
Oracle REST Data Services 23.3.0.289.1830 version
Oracle REST Data Services 23.3.1.305.1055 version
Oracle REST Data Services 23.4.0.346.1619 version
Oracle REST Data Services 23.4.1.038.1857 version
Oracle REST Data Services 24.1.0.108.0942 version
Oracle REST Data Services 24.1.1.120.1228 version
Oracle REST Data Services 24.1.2.163.1158 version
Oracle REST Data Services 24.2.0 version
Oracle REST Data Services 24.2.0.169.2208 版本
Oracle REST Data Services 24.2.1.180.1634 version
Oracle REST Data Services 24.2.2.187.1943 version
Oracle REST Data Services 24.3.0 version
[Oracle Retail Financial Integration product family] Oracle REST Data Services 24.3.0 version
Oracle Retail Financial Integration 14.1.3.2 version
Oracle Retail Financial Integration 15.0.3.1 version
Oracle Retail Financial Integration 16.0.3.0 version
Oracle Retail Financial Integration 19.0.1.0 version
[Oracle Retail Integration Bus family] Oracle Retail Integration Bus 14.0.1.0 version
Oracle Retail Integration Bus 14.1.3.2 version
Oracle Retail Integration Bus 15.0.3.1 version
Oracle Retail Integration Bus 16.0.3.0 Version
Oracle Retail Integration Bus 19.0.1.0 version
[Oracle Secure Backup product family]
Oracle Secure Backup 18.1.0.1.0 version
Oracle Secure Backup 18.1.0.2.0 version
Oracle Secure Backup 19.1.0.0.0.0 version
[Siebel CRM End User product family]
Siebel CRM End User 24.11 and below
[Oracle Agile Engineering Data Management Suite] Oracle Agile Engineering Data Management 6.2.1 version
Oracle Agile Engineering Data Management version 6.2.1 and later
[Oracle Agile PLM Framework family] Oracle Agile PLM Framework 9.3.6 version
Oracle Agile PLM Framework 9.3.6 version
[Oracle Solaris Family]
Oracle Solaris 11 version
[Oracle TimesTen In-Memory Database family] Oracle TimesTen In-Memory Database 18.1 version
Oracle TimesTen In-Memory Database version 18.1
Oracle TimesTen In-Memory Database version 22.1
[Oracle Utilities Application Framework product family] Oracle Utilities Application Framework 24.1 version
Oracle Utilities Application Framework 24.1.0.0.0.0-24.3.0.0.0.0 versions
Oracle Utilities Application Framework 4.3.0.3.0-4.3.0.6.0 versions
Oracle Utilities Application Framework 4.4.0.0.0.0 version
Oracle Utilities Application Framework 4.4.0.2.0 versions
Oracle Utilities Application Framework 4.4.0.3.0 version
Oracle Utilities Application Framework 4.5.0.0.0.0 version
Oracle Utilities Application Framework 4.5.0.1.1 version
Oracle Utilities Application Framework 4.5.0.1.3 version
[Oracle Utilities Network Management System product family]
Oracle Utilities Network Management System 2.5.0.1.14 version
Oracle Utilities Network Management System 2.5.0.1.15 version
Oracle Utilities Network Management System 2.5.0.2.9 version
Oracle Utilities Network Management System 2.6.0.1.5 version
Oracle Utilities Network Management System 2.6.0.1.7 version
[Oracle Utilities Testing Accelerator Suite] [Oracle Utilities Testing Accelerator Suite]
Oracle Utilities Testing Accelerator 6.0.0.1.0-6.0.0.3.0 versions
Oracle Utilities Testing Accelerator 7.0.0.0.0.0-7.0.0.1.0 versions
[Oracle VM VirtualBox product family]
Oracle VM VirtualBox 7.0.24 or below
Oracle VM VirtualBox 7.1.6 and below
Resolved Vulnerabilities
Oracle has released a security update that resolves 318 vulnerabilities. The list of major vulnerabilities is as follows
Critical data accessibility vulnerability for high-level unauthorized users in Oracle Agile PLM Framework (CVE-2025-21565, CVSS 7.5)
A high-level, potentially denial-of-service vulnerability in Oracle Agile PLM Framework (CVE-2025-21564, CVSS 8.1)
High severity, low privilege, network accessibility vulnerability in Oracle Agile PLM Framework (CVE-2025-21556, CVSS 9.9)
High severity, low privilege user can log on to the system vulnerability in Oracle Analytics Desktop (CVE-2025-21532, CVSS 7.8)
High-level, unauthorized user access to key data vulnerability in Oracle Customer Care (CVE-2025-21516, CVSS 8.1)
High Critical Denial of Service Vulnerability in Oracle Hospitality OPERA 5 (CVE-2025-21547, CVSS 9.1)
High Critical Data Accessibility Vulnerability for Unauthorized Users in Oracle Project Foundation (CVE-2025-21506, CVSS 8.1)
High-level denial of service vulnerability in Oracle VM VirtualBox (CVE-2025-21571, CVSS 7.3)
High Level Denial of Service Vulnerability in Oracle WebLogic Server (CVE-2025-21549, CVSS 7.5)
Severe Network Accessible Vulnerability in Oracle WebLogic Server for Unauthenticated Users (CVE-2025-21535, CVSS 9.8)
Vulnerability Patches
Product-specific Vulnerability Patches were made available in the January 21, 2025 Update. For more information on Vulnerability Patches, please see the Referenced Sites document.
Referenced Sites
[1] Critical Patch Update – January 2025