Detections
Analytics

SCA: security update for github.com/nezhahq/nezha (GHSA-q6xx-5vr8-p898)

high Tenable Self-Hosted Container Security Plugin ID 444049

Description

Nezha vulnerable to cross-tenant terminal/file-manager session hijack via WebSocket stream UUID without ownership check

Solution

Update the github.com/nezhahq/nezha library and its related packages to version 2.0.10 or later.

See Also

https://github.com/advisories/GHSA-q6xx-5vr8-p898

Plugin Details

Severity: High

ID: 444049

Version: Revision 1.1

Type: Local

Family: SCA Checks

Published: 6/27/2026

Updated: 6/27/2026

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 6/26/2026

Vulnerability Publication Date: 6/26/2026

Reference Information