If you open the link : Oracle Critical Patch Update - July 2016 there is a table with Affected Products and Versions & Patch Availability. Click on E-Business Suite Link for the patch details
Affected Products and Versions Patch Availability Oracle E-Business Suite, version(s) 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 E-Business Suite
Ref Note : Oracle E-Business Suite Release 12 Critical Patch Update Knowledge Document (July 2016) (Doc ID 2146140.1)
You will get the information about CVE under Oracle E-Business Suite Risk Matrix.
Appendix - Oracle Applications
Oracle E-Business Suite Executive Summary
This Critical Patch Update contains 23 new security fixes for the Oracle E-Business Suite. 21 of these vulnerabilities may be remotely exploitable without authentication,