- Description
- react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-312
- Hype score
- Not currently trending
🔴 #React-Native-Keys, Sensitive Information Disclosure, #CVE-2025-45001 (Critical) https://t.co/aDqJGMsv6x
@dailycve
23 Jun 2025
31 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-45001 React Native Keys 0.7.11 Sensitive Information Disclosure via Static Analysis https://t.co/Icf8IVguY9
@VulmonFeeds
10 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-45001 react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled nat… https://t.co/nNh6FYGHBh
@CVEnew
9 Jun 2025
430 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
3 CVEs just got assigned to me CVE-2025-45001 CVE-2025-45002 CVE-2024-46452
@Ch3tan_bug
9 Jun 2025
47 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:numan:react-native-keys:0.7.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C28ED9CD-FA1A-4DB8-9877-CF717ACEC6D2"
}
],
"operator": "OR"
}
]
}
]