Unrated severityNVD Advisory· Published Oct 1, 2015· Updated Jun 17, 2026
CVE-2015-3837
CVE-2015-3837
Description
The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which allows attackers to execute arbitrary code via an application that sends a crafted Intent, aka internal bug 21437603.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.1.1 LMY48I
Patches
Vulnerability mechanics
References
2- android.googlesource.com/platform/external/conscrypt/+/edf7055461e2d7fa18de5196dca80896a56e3540nvdVendor Advisory
- groups.google.com/forum/message/rawnvdVendor Advisory
News mentions
0No linked articles in our index yet.