{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2025-45001","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-06-09T19:47:56.235Z","dateReserved":"2025-04-22T00:00:00.000Z","datePublished":"2025-06-09T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2025-06-09T17:02:09.473Z"},"descriptions":[{"lang":"en","value":"react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5"},{"url":"https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2025-45001"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-312","lang":"en","description":"CWE-312 Cleartext Storage of Sensitive Information"}]}],"references":[{"url":"https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5","tags":["exploit"]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-06-09T19:41:05.049116Z","id":"CVE-2025-45001","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-09T19:47:56.235Z"}}]},"dataVersion":"5.1"}