2457410 – (CVE-2026-3446) CVE-2026-3446 python: Python base64: Incomplete data decoding due to premature stop at padding

Bug 2457410 (CVE-2026-3446) - CVE-2026-3446 python: Python base64: Incomplete data decoding due to premature stop at padding

Summary: CVE-2026-3446 python: Python base64: Incomplete data decoding due to prematur...

Keywords:
Status:	NEW
Alias:	CVE-2026-3446
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-10 19:01 UTC by OSIDB Bzimport
Modified:	2026-04-13 13:34 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-10 19:01:46 UTC

When calling base64.b64decode() or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use "validate=True" to enable stricter processing of base64 data.

Note You need to log in before you can comment on or make changes to this bug.