2 matches found
AZL-75225 CVE-2025-12781 affecting package python3 3.9.19-19
When passing data to the b64decode, standardb64decode, and urlsafeb64decode functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. Th...
CVE-2025-12781
CVE-2025-12781 concerns the base64 module in Python, where b64decode(), standard_b64decode(), and urlsafe_b64decode() historically accept the characters "+/" regardless of the altchars parameter. The connected sources confirm this behavior and note that newer RFCs recommend restricting to the spe...