Bytecodealliance Cranelift-codegen — known CVE vulnerabilities
Every CVE whose affected-product data names Bytecodealliance Cranelift-codegen, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-26489 — CVSS 9.9 (critical): wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64…
CVE-2021-32629 — CVSS 7.2 (high): Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation…
CVE-2022-31146 — CVSS 6.4 (medium): Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using…
CVE-2022-31169 — CVSS 5.9 (medium): Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, for AArch64 targets where…
CVE-2022-31104 — CVSS 4.8 (medium): Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on…
CVE-2023-27477 — CVSS 3.1 (low): wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x86_64 platforms for the…