In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. Date published : 2022-06-22 https://github.com/syoyo/tinyexr/issues/167