Impact
The vulnerability stems from unsafe Java deserialization in the SvmDoccatModel.deserialize method. The method reads an InputStream with java.io.ObjectInputStream and calls readObject() without installing an ObjectInputFilter. During deserialization, every class referenced in the stream is materialised before the resulting object is cast to SvmDoccatModel. If an attacker supplies a crafted serialization stream that contains a deserialization gadget chain present on the application's classpath, the chain can be executed before the casting step, yielding arbitrary code execution in the JVM that loads the model.
Affected Systems
Apache OpenNLP Core ML LibSVM from the Apache Software Foundation is affected. All releases before 3.0.0-M4 (the 3.x series) contain the unsafe deserialization point. The issue was introduced with OPENNLP‑1808 and remains until the 3.0.0‑M4 release. Applications that embed this module and load SvmDoccatModel instances from external or partially trusted sources are consequently vulnerable.
Risk and Exploitability
The CVSS score of 7.3 indicates a high severity vulnerability. The EPSS score of 5% indicates a measurable risk of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited observed exploitation. The likely attack vector is remote: a public static method can be invoked with an attacker‑controlled stream sent over a network or sourced from a malicious file. Exploitation requires a suitable gadget chain on the application's classpath; without such a chain the practical risk is confined to environments that include vulnerable transitive dependencies. Due to the absence of a filter during deserialization, any caller can trigger the vulnerability if untrusted data is deserialised.
OpenCVE Enrichment