cranelift-codegen (crates.io) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the crates.io package cranelift-codegen, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2023-26489 — CVSS 9.9 (critical): wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64…
CVE-2021-32629 — CVSS 7.2 (high): Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation…
CVE-2022-31146 — CVSS 6.4 (medium): Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using…
CVE-2022-31169 — CVSS 5.9 (medium): Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, for AArch64 targets where…
CVE-2022-23636 — CVSS 5.1 (medium): Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance…
CVE-2022-31104 — CVSS 4.8 (medium): Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on…
CVE-2023-27477 — CVSS 3.1 (low): wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x86_64 platforms for the…