Home

Description

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools.

PUBLISHED Reserved 2025-04-22 | Published 2025-06-09 | Updated 2025-06-09 | Assigner mitre

References

gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5 exploit

gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5

github.com/...ulnerability-research/tree/main/CVE-2025-45001

cve.org (CVE-2025-45001)

nvd.nist.gov (CVE-2025-45001)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.