CVE-2025-45001

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-45001
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-45001.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-45001
Aliases
Published
2025-06-09T17:15:29Z
Modified
2025-07-02T20:29:47.356162Z
Summary
[none]
Details

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools.

References

Affected packages

Git / github.com/numandev1/react-native-keys

Affected ranges

Type
GIT
Repo
https://github.com/numandev1/react-native-keys
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

0.*

0.0.13

v0.*

v0.0.10
v0.0.11
v0.0.7
v0.0.8
v0.0.9
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.5.0
v0.5.1
v0.5.10
v0.5.11
v0.5.12
v0.5.13
v0.5.14
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.0-alpha.0
v0.7.0
v0.7.1
v0.7.10
v0.7.11
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.7.9