Public CVE-2019-10842 disclosure

nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.