CVE-2018-12064

CVE-2018-12064

tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h.

Source: CVE-2018-12064