CVE-2025-6167

Published
View on NVD ↗
CVSS v3
5.5
MEDIUM
CVSS v2
5.2
MEDIUM
Affected
1
PROJECT

Description

A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommended to upgrade the affected component.

themanojdesai/python-a2a
themanojdesai/python-a2a
Python A2A is a powerful, easy-to-use library for implementing Google's [Agent-to-Agent (A2A) protocol](https://google.github.io/A2A/). It enables seamless communication between AI agents, creating interoperable agent ecosystems that can collaborate to solve complex problems.
GitHubGitHub
993