Last Modified: Jul 24, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3
Fixed In:
17.1.1, 16.1.5, 15.1.10
Opened: Dec 08, 2022 Severity: 3-Major
Pattern matching in JSON schema has an issue of unable to match string in a specific pattern expression.
The JSON content profile fails matching legitimate JSON token with JSON schema, resulting a false positive.
When all the following conditions are satisfied: - a non-basic latin character is in bracket expression [] - the bracket expression is led by ^ or followed by $ - there is at least one character just before or after bracket expression Following are examples for pattern that has issue: - /^[€]1/ - /1[€]$/ The bracket would have multiple characters in real scenario. Following are examples for patterns that do not have the issue: - /^[€]/ - /[€]1/ - /^€1/
None
None