Vulnerabilities > Autodesk > Infraworks > 2021.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-25005 | Uncontrolled Search Path Element vulnerability in Autodesk Infraworks A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. | 7.8 |
| 2022-10-07 | CVE-2021-40162 | Out-of-bounds Read vulnerability in Autodesk products A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. | 7.8 |
| 2022-10-07 | CVE-2021-40163 | Out-of-bounds Write vulnerability in Autodesk products A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component. | 7.8 |
| 2022-10-07 | CVE-2021-40164 | Out-of-bounds Write vulnerability in Autodesk products A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. | 7.8 |
| 2022-10-07 | CVE-2021-40165 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. | 7.8 |
| 2022-10-07 | CVE-2021-40166 | Use After Free vulnerability in Autodesk products A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. | 7.8 |