CVE-2025-45001

Source
https://cve.org/CVERecord?id=CVE-2025-45001
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-45001.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-45001
Aliases
Published
2025-06-09T00:00:00Z
Modified
2026-07-15T01:48:50.030287282Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/45xxx/CVE-2025-45001.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/numandev1/react-native-keys

Affected ranges

Type
GIT
Repo
https://github.com/numandev1/react-native-keys
Events
Database specific
{
    "cpe": "cpe:2.3:a:numan:react-native-keys:0.7.11:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0.7.11"
        },
        {
            "last_affected": "0.7.11"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

0.*
0.7.11
v0.*
v0.7.11

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-45001.json"