Medium severity6.5NVD Advisory· Published Jan 30, 2025· Updated Apr 15, 2026
CVE-2024-53615
CVE-2024-53615
Description
A command injection vulnerability in the video thumbnail rendering component of Karl Ward's files.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted video file.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
files.photo.gallerynpm | >= 0.3.0, <= 0.11.0 | — |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/advisories/GHSA-5wjw-qjhm-v43hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-53615ghsaADVISORY
News mentions
0No linked articles in our index yet.