VYPR
High severity7.0NVD Advisory· Published May 9, 2016· Updated Jun 17, 2026

CVE-2016-2462

CVE-2016-2462

Description

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Google/Android2 versions
    cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
  • Google/Conscryptllm-create
    Range: 6.x before 2016-05-01

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.