Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0
Fixed In:
12.1.0, 12.0.0 HF1, 11.6.1
Opened: Sep 03, 2015 Severity: 3-Major
when a session variable value contains "0x" (for example 'value0x not encoded'), apd process treat the value as HEX-encoded and tries to decode it. decoding the not-encoded string causes apd to crash
apd crash
session variable contains substring "0x"
None
With this release: 1. Only values starting from 0x are treated as hex-encoded. 2. If hex decoding fails, apd does not crash.