Unserialize vulnerability in the commons-collections Java library

Kuali SaaS Services is aware of the security issue with the Serialized methods in the commons-collection Java library.  Kuali Student and Kuali Ready are not at risk.  Kuali Financials and Kuali Research are both Java applications, along with their relevant sub-components and services including Rice.   Kuali SaaS is not using any of the reported vulnerable application stacks.   However, while we are using the vulnerable library (as it is part of the common java stack), our code does not reference the vulnerable portion of this library, and we are not aware of any un-validated input means that would allow access to the vulnerable code.  We have further mitigated even the possibility of a risk to our services.