Unrated severityNVD Advisory· Published Jan 26, 2014· Updated Apr 29, 2026

CVE-2013-7299

Description

framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows remote attackers to obtain sensitive information via a header that ends in \n instead of \r\n, which prevents a null terminator from being added and causes Tntnet to include headers from other requests.

Affected products

Tntnet/Tntnet3 versions
cpe:2.3:a:tntnet:tntnet:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:tntnet:tntnet:*:*:*:*:*:*:*:*range: <=2.2
- cpe:2.3:a:tntnet:tntnet:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:tntnet:tntnet:2.1:*:*:*:*:*:*:*

Patches

9bd3b14042e1

https://github.com/maekitalo/tntnetvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/maekitalo/tntnet/commit/9bd3b14042e12d84f39ea9f55731705ba516f525nvdPatch
secunia.com/advisories/56400nvdVendor Advisory
lists.fedoraproject.org/pipermail/package-announce/2014-February/127746.htmlnvd
seclists.org/oss-sec/2014/q1/112nvd
seclists.org/oss-sec/2014/q1/116nvd
www.securityfocus.com/bid/65025nvd
www.tntnet.org/download/tntnet-2.2.1/Releasenotes-2.2.1.markdownnvd
exchange.xforce.ibmcloud.com/vulnerabilities/90565nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000