Sign In

CVE-2026-3446

ADVISORY - nist

Summary

When calling base64.b64decode() or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use "validate=True" to enable stricter processing of base64 data.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo

Impacted images

Advisories

Docker

CREATED

UPDATED

ADVISORY ID

CVE-2026-3446

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY
PackageTypeOS NameOS VersionAffected RangesFix Versions
pythondhi--<3.13.133.13.13
alpine/python-3.10apkalpine3.23<3.13.133.13.13
alpine/python-3.10apkalpine3.23>=3.14.0-alpha1,<3.14.43.14.4
alpine/python-3.10apkalpine3.23>=3.15.0-alpha1,<3.15.0-alpha83.15.0-alpha8
alpine/python-3.11apkalpine3.23<3.13.133.13.13
alpine/python-3.11apkalpine3.23>=3.14.0-alpha1,<3.14.43.14.4
alpine/python-3.11apkalpine3.23>=3.15.0-alpha1,<3.15.0-alpha83.15.0-alpha8
alpine/python-3.12apkalpine3.23<3.13.133.13.13
alpine/python-3.12apkalpine3.23>=3.14.0-alpha1,<3.14.43.14.4
alpine/python-3.12apkalpine3.23>=3.15.0-alpha1,<3.15.0-alpha83.15.0-alpha8
alpine/python-3.13apkalpine3.23<3.13.133.13.13
alpine/python-3.13apkalpine3.23>=3.14.0-alpha1,<3.14.43.14.4
alpine/python-3.13apkalpine3.23>=3.15.0-alpha1,<3.15.0-alpha83.15.0-alpha8
alpine/python-3.14apkalpine3.23<3.13.133.13.13
alpine/python-3.14apkalpine3.23>=3.14.0-alpha1,<3.14.43.14.4
alpine/python-3.14apkalpine3.23>=3.15.0-alpha1,<3.15.0-alpha83.15.0-alpha8
pythondhi-->=3.14.0-alpha1,<3.14.43.14.4
pythondhi-->=3.15.0-alpha1,<3.15.0-alpha83.15.0-alpha8

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-3446
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-noinfo

CVSS SCORE

6medium