nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.

Sony Neural Network Libraries reliance on untrusted inputs prior to v1.0.10