Untrusted HOME Environment Variable Vulnerability in Sony Neural Network Libraries

Untrusted HOME Environment Variable Vulnerability in Sony Neural Network Libraries

CVE-2019-10844 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.

Learn more about our Network Penetration Testing.