CVE-2020-24653

Name of the Vulnerable Software and Affected Versions Expo versions through 9.1.0 on iOS

Description The issue concerns the secure-store in Expo, which provides an insecure policy kSecAttrAccessibleAlwaysThisDeviceOnly when WHEN UNLOCKED THIS DEVICE ONLY is used. This affects the security of data storage on iOS devices.

Recommendations For Expo versions through 9.1.0 on iOS, consider updating to a version that addresses this issue, as the current version provides an insecure policy that may compromise data security. At the moment, there is no information about a newer version that contains a fix for this vulnerability.