CVEReports
CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

Product

  • Home
  • Sitemap
  • RSS Feed

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



GHSA-8F6J-263M-G72X

GHSA-8F6J-263M-G72X: OCSP Revocation Checking Bypass in Apple App Store Server Python Library

Alon Barad
Alon Barad
Software Engineer

Jul 14, 2026·5 min read·6 visits

Executive Summary (TL;DR)

An input verification flaw in apple-store-server-library (<=3.1.1) allows attackers to replay expired OCSP responses, validating revoked certificates and bypassing signature authentication boundaries.

A cryptographic validation flaw in the Apple App Store Server Python Library allows an attacker to bypass Online Certificate Status Protocol (OCSP) revocation checks. When online verification is enabled, the library fails to validate temporal constraints on OCSP response payloads. This flaw enables network-positioned adversaries to perform OCSP replay attacks, forcing the application to accept JSON Web Signatures (JWS) signed by revoked certificates.

Vulnerability Overview

The Apple App Store Server Python Library (app-store-server-library) provides utility classes to securely verify transactions, subscriptions, and server notifications. When checking certificates, the SignedDataVerifier component establishes a trust chain using cryptographic verification. Applications can configure online certificate validation to check whether Apple's signing certificates have been revoked.

This verification process uses the Online Certificate Status Protocol (OCSP) to retrieve status updates from Apple's certificate authority. When the enable_online_checks parameter is active, the library evaluates these responses. The client is responsible for validating that the response is both cryptographically sound and fresh.

Because the library fails to perform freshness checks, it accepts stale OCSP packets. This deficiency exposes applications utilizing the library to impersonation and authentication bypasses. The failure allows revoked certificate chains to be treated as trusted if the attacker has captured historical validation responses.

Root Cause Analysis

The underlying security issue is mapped to CWE-295 (Improper Certificate Validation) and CWE-299 (Improper Check for Certificate Revocation). To prevent replay attacks, the OCSP standard (RFC 6960) defines metadata fields inside the SingleResponse structure. These fields are thisUpdate (specifying when the status was known to be correct) and nextUpdate (indicating when newer status information becomes available).

When verifying an OCSP response, software must evaluate the local system clock against the thisUpdate and nextUpdate values. If the current time is outside this interval, the assertion is stale and must be rejected. The vulnerable implementation in _ChainVerifier.check_ocsp_status evaluated structural and cryptographic details but omitted temporal checks.

Because of this omission, any cryptographically valid OCSP assertion from the past showing a status of OCSPCertStatus.GOOD satisfies the library's verification condition. The logic never checked whether the validity window of the OCSP assertion had expired. Consequently, an assertion captured when a compromised certificate was valid remains trusted forever in the eyes of the library.

Code Analysis

An analysis of the vulnerable codebase in version 3.1.1 shows the incomplete validation loop in appstoreserverlibrary/signed_data_verifier.py:

# Vulnerable Code Path (v3.1.1)
for single_response in ocsp_resp.responses:
    builder = ocsp.OCSPRequestBuilder()
    builder = builder.add_certificate(
        cert.to_cryptography(), issuer.to_cryptography(), single_response.hash_algorithm
    )
    req = builder.build()
    if (
        single_response.certificate_status == ocsp.OCSPCertStatus.GOOD
        and single_response.serial_number == req.serial_number
        and single_response.issuer_key_hash == req.issuer_key_hash
        and single_response.issuer_name_hash == req.issuer_name_hash
    ):
        # Success is declared without verifying time bounds
        return

The conditional checks verify the cryptographic status and request hashes, but never access single_response.this_update_utc or single_response.next_update_utc.

The patched version (3.1.2) corrects this by introducing timezone-aware temporal validation and an acceptable clock skew threshold:

# Patched Code Path (v3.1.2)
now = datetime.datetime.now(datetime.timezone.utc)
if (
    single_response.certificate_status == ocsp.OCSPCertStatus.GOOD
    and single_response.serial_number == req.serial_number
    and single_response.issuer_key_hash == req.issuer_key_hash
    and single_response.issuer_name_hash == req.issuer_name_hash
    and single_response.this_update_utc is not None
    and now + _ChainVerifier.MAX_SKEW >= single_response.this_update_utc
    and single_response.next_update_utc is not None
    and single_response.next_update_utc >= now - _ChainVerifier.MAX_SKEW
):
    # Response is accepted only if it is within the valid time-window
    return

This modification ensures the validation logic rejects stale assertions. This fix is complete because it relies on the absolute cryptographic authority of the UTC timestamps embedded inside the signed responder data.

Exploitation Methodology

Exploiting this vulnerability requires a network-positioned attacker capable of routing outbound traffic or intercepting DNS requests. To execute the attack, the adversary must have access to a compromised or leaked developer certificate that Apple has revoked, along with a historically recorded OCSP 'GOOD' response packet for that certificate.

When the vulnerable application processes a JWS signed by the revoked developer certificate, it initiates an outbound OCSP request to Apple's responder URL. The attacker intercepts this connection using methods like DNS spoofing or local gateway redirection.

The attacker responds with the pre-captured, cryptographically signed OCSP 'GOOD' packet. Because the library is vulnerable to replay attacks, it verifies the signature of the status packet, ignores the expired date, and treats the revoked certificate as valid.

Impact Assessment

The impact of this flaw is classified as medium, with a CVSS v4.0 score of 6.9. While the confidentiality of systems is not compromised, the integrity of application states is degraded. An attacker can exploit this weakness to submit false or forged purchase data.

Applications relying on verification checks to unlock paywalled resources or validate in-app purchases may process invalid transactions. This scenario is problematic if high-value services are granted based on signatures created using revoked developer keys.

The vulnerability is constrained to environments enabling enable_online_checks=True. This configuration is necessary to protect against compromised certificate authority paths. The mitigation provided in the patch restricts exploitation by enforcing adherence to RFC 6960 validation.

Remediation and Detection

Remediation requires upgrading the app-store-server-library package to version 3.1.2 or higher. The patch introduces temporal bounds validation using timezone-aware UTC datetime operations, blocking replay attacks.

# Upgrade dependency using pip
pip install --upgrade app-store-server-library>=3.1.2

For applications that cannot apply immediate library upgrades, developers can disable online checks as a temporary workaround. However, this action stops revocation checking entirely, leaving the system vulnerable to processing revoked certificates. This workaround is only advised when alternative network protections or gateway-level OCSP validation are implemented.

Technical Appendix

CVSS Score
6.9/ 10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Systems

Apple App Store Server Python Library (app-store-server-library) on Python/PyPI environments

Affected Versions Detail

Product
Affected Versions
Fixed Version
app-store-server-library
Apple
>= 0.2.0, <= 3.1.13.1.2
AttributeDetail
CWE IDCWE-295, CWE-299
Attack VectorNetwork
CVSS v4.06.9 (Medium)
Exploit Statusnone (theoretical)
Vulnerable Versions>= 0.2.0, <= 3.1.1
Fixed Version3.1.2

MITRE ATT&CK Mapping

T1556Modify Authentication Process
Credential Access
T1573.002Encrypted Channel: Asymmetric Cryptography
Command and Control
T1116Code Signing
Defense Evasion
CWE-295
Improper Certificate Validation

The application attempts to validate a certificate but fails to check its expiration, revocation, or integrity.

Vulnerability Timeline

GHSA-8F6J-263M-G72X Security Advisory published
2026-07-13
Apple releases app-store-server-library version 3.1.2 on PyPI
2026-07-13

References & Sources

  • [1]Apple App Store Server Library Python Repository
  • [2]Security Researcher 0xmrma Profile

Attack Flow Diagram

Press enter or space to select a node. You can then use the arrow keys to move the node around. Press delete to remove it and escape to cancel.
Press enter or space to select an edge. You can then press delete to remove it or escape to cancel.

More Reports

•about 3 hours ago•GHSA-XF7X-X43H-RPQH
7.5

GHSA-xf7x-x43h-rpqh: Denial of Service via Unconstrained Circular Reference Resolution in json-repair

A Denial of Service vulnerability exists in the json-repair Python library due to an unconstrained loop during JSON Schema reference resolution. By submitting a circular JSON Schema, an attacker can trigger infinite recursion, causing 100 percent CPU exhaustion. Because this package is heavily utilized in LLM data-processing pipelines, this flaw presents a substantial threat to application availability.

Alon Barad
Alon Barad
5 views•5 min read
•about 9 hours ago•GHSA-7XW9-549R-8JRC
8.5

GHSA-7XW9-549R-8JRC: SQL Injection and Improper Access Control in DIRAC PilotManager

The DIRAC PilotManager component contains combined security weaknesses: a SQL injection vulnerability (CWE-89) in the PilotAgentsDB database interaction layer, and an improper access control configuration (CWE-284) within the default authorization structure. A low-privilege authenticated attacker can bypass intended authorization checks to run administrative commands, manipulate grid job tracking records, and execute arbitrary SQL statements against the backend database.

Alon Barad
Alon Barad
8 views•5 min read
•about 11 hours ago•CVE-2024-27091
6.1

CVE-2024-27091: Stored Cross-Site Scripting (XSS) to Account Takeover in GeoNode

A comprehensive security analysis of CVE-2024-27091, a stored cross-site scripting (XSS) vulnerability in the GeoNode geospatial content management system. Unsanitized metadata fields rendered with Django's safe template filter permit stored JavaScript execution, leading directly to admin account takeover via CSRF token theft and silent profile email modification.

Amit Schendel
Amit Schendel
7 views•6 min read
•3 days ago•CVE-2026-54068
5.9

CVE-2026-54068: Unauthenticated Server-Side Template Injection and SQLite Exfiltration in SiYuan PKM

An authentication bypass in the SiYuan personal knowledge management system before version 3.7.0 exposes a dynamic icon rendering endpoint. This endpoint processes client-supplied Go template directives. By submitting a crafted request, an unauthenticated remote attacker can leverage registered database template functions to execute arbitrary read-only SQL queries and exfiltrate workspace contents.

Amit Schendel
Amit Schendel
14 views•5 min read
•3 days ago•CVE-2026-54069
9.1

CVE-2026-54069: Authentication Bypass in SiYuan Note via Origin Header Spoofing

CVE-2026-54069 is a critical authentication bypass vulnerability in the SiYuan Note personal knowledge management system. The flaw is located in the HTTP server's middleware handling API authorization, which unconditionally trusts requests carrying a 'chrome-extension://' scheme in the Origin HTTP header, granting administrative access without validating API tokens.

Alon Barad
Alon Barad
14 views•5 min read
•3 days ago•CVE-2026-54089
9.1

CVE-2026-54089: Authentication Bypass by Spoofing in File Browser

CVE-2026-54089 is a critical authentication bypass vulnerability in File Browser affecting instances configured with proxy-based authentication. An unauthenticated remote attacker with direct network access can impersonate arbitrary users or register new accounts by spoofing configured HTTP headers.

Amit Schendel
Amit Schendel
16 views•7 min read