diff --git a/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
index e8d632682c9f..62c3e6478590 100644
--- a/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
+++ b/java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
@@ -445,6 +445,13 @@ private predicate taintPreservingArgumentToMethod(Method method, int arg) {
     method.getName() = "wrap" and arg = 0
   )
   or
+  method.getDeclaringType().hasQualifiedName("org.apache.commons.codec.binary", "Base64") and
+  (
+    method.getName() = "decodeBase64" and arg = 0
+    or
+    method.getName().matches("encodeBase64%") and arg = 0
+  )
+  or
   method.getDeclaringType().hasQualifiedName("org.apache.commons.io", "IOUtils") and
   (
     method.getName() = "buffer" and arg = 0