(RHSA-2015:2517) Critical: Red Hat Fuse Service Works 6.0.0 commons-collections security update

ID RHSA-2015:2517
Type redhat
Reporter RedHat
Modified 2019-02-20T17:24:41


Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities.

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)

Further information about this security flaw may be found at: https://access.redhat.com/solutions/2045023

All users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the Red Hat Customer Portal are advised to apply this security update.