python Pydantic AI Releases · · 1.107.1

pydantic-ai v1.107.1 patches security vulnerability

sdkaiengineerpython-agentic
security patch

Pydantic-ai v1.107.1 addresses a moderate security vulnerability (GHSA-jpr8-2v3g-wgf9) in its AG-UI serving path that could expose and execute tool calls with client-chosen arguments. This fix impacts users of `pydantic-ai` and `pydantic-ai-slim` versions >= 1.88.0 and < 2.5.0, with patches available in v1.107.1 and v2.5.0. Users can also mitigate this by configuring tools to require approval or by implementing their own argument validation and authorization.

  • Affected: pydantic-ai / pydantic-ai-slim >= 1.88.0, < 1.107.1 (v1) and >= 2.0.0, < 2.5.0 (v2)
  • Patched: 1.107.1 (v1) and 2.5.0 (v2)
Security (3)
  • Affected: pydantic-ai / pydantic-ai-slim >= 1.88.0, < 1.107.1 (v1) and >= 2.0.0, < 2.5.0 (v2)
  • Patched: 1.107.1 (v1) and 2.5.0 (v2)
  • Not affected if every sensitive tool uses requires_approval=True / ApprovalRequiredToolset, or if your tool handlers validate their arguments and enforce authorization themselves

Fixes (1)
  • Fix sanitize_messages tail handling when a trailing client message is dropped by @dsfaccini in https://github.com/pydantic/pydantic-ai/pull/6407

Read the original announcement →

https://github.com/pydantic/pydantic-ai/releases/tag/v1.107.1

Related releases