Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities.
It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)
Further information about this security flaw may be found at: https://access.redhat.com/solutions/2045023
All users of JBoss Operations Network 3.3.4 as provided from the Red Hat Customer Portal are advised to apply this security update.