4 matches found
CVE-2025-12781
A flaw was found in the base64 module in the Python standard library. The b64decode, standardb64decode and urlsafeb64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input...
CVE-2025-12781
When passing data to the b64decode, standardb64decode, and urlsafeb64decode functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. Th...
Incomplete List of Disallowed Inputs
Overview Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the b64decode, standardb64decode, and urlsafeb64decode functions when the altchars parameter is used. An attacker can cause logical errors or compromise data integrity by submitting input containi...
CPython security vulnerabilities
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, where functions such as b64decode, standardb64decode, and urlsafeb64decode always accept the + and/or character, which may lead to data integrity issues...