GHSA-8F6J-263M-G72X
Vulnerability from github – Published: 2026-07-13 23:49 – Updated: 2026-07-13 23:49Summary
SignedDataVerifier attempts to perform online revocation checking when enable_online_checks=True, but its OCSP validation logic accepts stale GOOD responses as valid indefinitely. In appstoreserverlibrary/signed_data_verifier.py, _ChainVerifier.check_ocsp_status() verifies the OCSP response signature and CertID match, but never validates the freshness window carried by producedAt, thisUpdate, or nextUpdate.
As a result, a previously valid signed OCSP GOOD response can be replayed after it is expired, and the library will still treat the certificate as good. If an App Store signing certificate or intermediate is ever revoked, applications using this library with online checks enabled can continue accepting JWS objects signed with the revoked key as long as a stale signed OCSP response is replayed.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.1.1"
},
"package": {
"ecosystem": "PyPI",
"name": "app-store-server-library"
},
"ranges": [
{
"events": [
{
"introduced": "0.2.0"
},
{
"fixed": "3.1.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-295",
"CWE-299"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-13T23:49:14Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Summary\n`SignedDataVerifier` attempts to perform online revocation checking when `enable_online_checks=True`, but its OCSP validation logic accepts stale `GOOD` responses as valid indefinitely. In `appstoreserverlibrary/signed_data_verifier.py`, `_ChainVerifier.check_ocsp_status()` verifies the OCSP response signature and CertID match, but never validates the freshness window carried by `producedAt`, `thisUpdate`, or `nextUpdate`.\n\nAs a result, a previously valid signed OCSP `GOOD` response can be replayed after it is expired, and the library will still treat the certificate as good. If an App Store signing certificate or intermediate is ever revoked, applications using this library with online checks enabled can continue accepting JWS objects signed with the revoked key as long as a stale signed OCSP response is replayed.",
"id": "GHSA-8f6j-263m-g72x",
"modified": "2026-07-13T23:49:14Z",
"published": "2026-07-13T23:49:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/apple/app-store-server-library-python/security/advisories/GHSA-8f6j-263m-g72x"
},
{
"type": "PACKAGE",
"url": "https://github.com/apple/app-store-server-library-python"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apple App Store Server Python Library: SignedDataVerifier accepts stale OCSP GOOD responses and can bypass certificate revocation checks"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.