Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-gg3w-p2fn-ufgv

Summary

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4907 and later

Aliases

alias	CVE-2025-29890

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-29890

reference_id

reference_type

scores

value	0.00208
scoring_system	epss
scoring_elements	0.43298
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-29890

reference_url

https://www.qnap.com/en/security-advisory/qsa-25-19

reference_id

qsa-25-19

reference_type

scores

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-29T18:19:10Z/

url

https://www.qnap.com/en/security-advisory/qsa-25-19

Weaknesses

cwe_id	770
name	Allocation of Resources Without Limits or Throttling
description	The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Exploits

Severity_range_score 7.1 - 7.1

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gg3w-p2fn-ufgv

Vulnerability Instance