VULN UPGRADE: bottle (patch → 0.12.25) [python/bottle]

[campaigner-prod]

Summary: Critical-severity security update — 1 package upgraded (patch changes only)

Manifests changed:

• python/bottle (pip)

Updates

Package	From	To	Type	Vulnerabilities Fixed
bottle	0.12.13	0.12.25	patch	1 CRITICAL, 1 MODERATE, 2 UNKNOWN

---

Security Details

🚨 Critical & High Severity (1 fixed)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
bottle	GHSA-xhp9-4947-rq78	CRITICAL	Denial of service in bottle	0.12.13	0.12.20

ℹ️ Other Vulnerabilities (3)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
bottle	GHSA-qhx9-7hx7-cp4r	MODERATE	bottle HTTP Request smuggling	0.12.13	0.12.19
bottle	PYSEC-2021-129	unknown	-	0.12.13	0.12.19
bottle	PYSEC-2022-227	unknown	-	0.12.13	e140e1b54da721a660f2eb9d58a106b7b3ff2f00

⚠️ Dependencies that have Reached EOL (1)

Dependency	Unsafe Version	EOL Date	New Version	Path
bottle	0.12.13	-	0.12.25	python/bottle/requirements.txt

---

Review Checklist

Enhanced review recommended for this update:

• Review changes for compatibility with your code
• Check release notes for breaking changes
• Run integration tests to verify service behavior
• Test in staging environment before production
• Monitor key metrics after deployment

---

Update Mode: Vulnerability Remediation (Critical)

🤖 Generated by DataDog Automated Dependency Management System