Apache UIMA Java SDK Core, Apache UIMA Java SDK CPE, Apache UIMA Java SDK Vinci adapter, Apache UIMA Java SDK tools: Potential untrusted code execution when deserializing certain binary CAS formats
Description
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0.
Users are recommended to upgrade to version 3.5.0, which fixes the issue.
There are several locations in the code where serialized Java objects are deserialized without verifying the data. This affects in particular: * the deserialization of a Java-serialized CAS, but also other binary CAS formats that include TSI information using the CasIOUtils class; * the CAS Editor Eclipse plugin which uses the the CasIOUtils class to load data; * the deserialization of a Java-serialized CAS of the Vinci Analysis Engine service which can receive using Java-serialized CAS objects over network connections; * the CasAnnotationViewerApplet and the CasTreeViewerApplet; * the checkpointing feature of the CPE module.
Note that the UIMA framework by default does not start any remotely accessible services (i.e. Vinci) that would be vulnerable to this issue. A user or developer would need to make an active choice to start such a service. However, users or developers may use the CasIOUtils in their own applications and services to parse serialized CAS data. They are affected by this issue unless they ensure that the data passed to CasIOUtils is not a serialized Java object.
When using Vinci or using CasIOUtils in own services/applications, the unrestricted deserialization of Java-serialized CAS files may allow arbitrary (remote) code execution.
As a remedy, it is possible to set up a global or context-specific ObjectInputFilter (cf. https://openjdk.org/jeps/290 and https://openjdk.org/jeps/415 ) if running UIMA on a Java version that supports it.
Note that Java 1.8 does not support the ObjectInputFilter, so there is no remedy when running on this out-of-support platform. An upgrade to a recent Java version is strongly recommended if you need to secure an UIMA version that is affected by this issue.
To mitigate the issue on a Java 9+ platform, you can configure a filter pattern through the "jdk.serialFilter" system property using a semicolon as a separator:
To allow deserializing Java-serialized binary CASes, add the classes: * org.apache.uima.cas.impl.CASCompleteSerializer * org.apache.uima.cas.impl.CASMgrSerializer * org.apache.uima.cas.impl.CASSerializer * java.lang.String
To allow deserializing CPE Checkpoint data, add the following classes (and any custom classes your application uses to store its checkpoints): * org.apache.uima.collection.impl.cpm.CheckpointData * org.apache.uima.util.ProcessTrace * org.apache.uima.util.impl.ProcessTrace_impl * org.apache.uima.collection.base_cpm.SynchPoint
Make sure to use "!*" as the final component to the filter pattern to disallow deserialization of any classes not listed in the pattern.
Apache UIMA 3.5.0 uses tightly scoped ObjectInputFilters when reading Java-serialized data depending on the type of data being expected. Configuring a global filter is not necessary with this version.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.uima:uimajMaven | < 3.5.0 | 3.5.0 |
Affected products
5- Apache Software Foundation/Apache UIMA Java SDK Corev5Range: 0
- Range: 0
- Apache Software Foundation/Apache UIMA Java SDK toolsv5Range: 0
- Apache Software Foundation/Apache UIMA Java SDK Vinci adapterv5Range: 0
Patches
Vulnerability mechanics
Root cause
"Unrestricted deserialization of untrusted Java-serialized objects without input validation or class filtering."
Attack vector
An attacker can trigger arbitrary code execution by supplying a crafted Java-serialized object to any deserialization point. For the Vinci service, the attacker sends a malicious Java-serialized CAS over the network to a remotely accessible Vinci endpoint (though such services are not started by default). For applications using `CasIOUtils`, the attacker provides a malicious serialized CAS file. The deserialization occurs without any input validation [CWE-20] or filtering of untrusted data [CWE-502], allowing the attacker's gadget chain to execute during deserialization.
Affected code
The vulnerability spans multiple locations where serialized Java objects are deserialized without validation. The primary affected class is `CasIOUtils`, which handles deserialization of Java-serialized CAS and other binary CAS formats. Additional affected components include the CAS Editor Eclipse plugin (using `CasIOUtils`), the Vinci Analysis Engine service (receiving Java-serialized CAS over network), the `CasAnnotationViewerApplet` and `CasTreeViewerApplet`, and the checkpointing feature of the CPE module.
What the fix does
The patch shown is the release commit for version 3.5.0, which updates version strings from 3.5.0-SNAPSHOT to 3.5.0 across all POM files and feature descriptors. The advisory states that Apache UIMA 3.5.0 uses tightly scoped `ObjectInputFilter` instances when reading Java-serialized data, depending on the type of data being expected. This means the fix introduces context-specific deserialization filters that restrict which classes can be deserialized, rather than relying on a global filter. The patch itself does not show the filter logic; the actual filtering changes were introduced in earlier commits leading to the 3.5.0 release.
Preconditions
- inputThe attacker must be able to supply a serialized Java object to a deserialization point (CasIOUtils, Vinci service, applets, or CPE checkpointing).
- networkFor the Vinci service, the attacker needs network access to a Vinci endpoint that has been explicitly started by the user/developer.
- authNo authentication is required if the deserialization endpoint is exposed without access controls.
Generated on May 23, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-5r8j-qmcm-7g7qghsaADVISORY
- lists.apache.org/thread/lw30f4qlq3mhkhpljj16qw4fot3rg7v4ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-39913ghsaADVISORY
- www.openwall.com/lists/oss-security/2023/11/08/1ghsaWEB
- github.com/apache/uima-uimaj/releases/tag/rel%2Fuimaj-3.5.0ghsaWEB
News mentions
0No linked articles in our index yet.