VULN UPGRADE: protobuf (major → 6.33.5)

[campaigner-prod]

Summary: High-severity security update — 1 package upgraded (MAJOR changes included)

Manifests changed:

• . (pip)

Updates

Package	From	To	Type	Vulnerabilities Fixed
protobuf	3.5.1	6.33.5	major	5 HIGH, 2 MEDIUM

---

Warning

Major Version Upgrade

This update includes major version changes that may contain breaking changes. Please:

• Review the changelog/release notes for breaking changes
• Test thoroughly in a staging environment
• Update any code that depends on changed APIs
• Ensure all tests pass before merging

Security Details

🚨 Critical & High Severity (5 fixed)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
protobuf	GHSA-8qvm-5x2c-j2w7	HIGH	protobuf-python has a potential Denial of Service issue	3.5.1	4.25.8
protobuf	CVE-2025-4565	HIGH	-	3.5.1	-
protobuf	GHSA-7gcm-g887-7qv7	HIGH	protobuf affected by a JSON recursion depth bypass	3.5.1	6.33.5
protobuf	GHSA-8gq9-2x98-w8hf	HIGH	protobuf-cpp and protobuf-python have potential Denial of Service issue	3.5.1	3.18.3
protobuf	CVE-2022-1941	HIGH	-	3.5.1	-

ℹ️ Other Vulnerabilities (2)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
protobuf	PYSEC-2022-48	medium	-	3.5.1	3.15.0
protobuf	CVE-2021-22570	medium	-	3.5.1	-

⚠️ Dependencies that have Reached EOL (1)

Dependency	Unsafe Version	EOL Date	New Version	Path
protobuf	3.5.1	Dec 22, 2019	6.33.5	requirements-opt.txt

---

Review Checklist

Extra review is recommended for this update:

• Review changes for compatibility with your code
• Check release notes for breaking changes
• Run integration tests to verify service behavior
• Test in staging environment before production
• Monitor key metrics after deployment

---

Update Mode: Vulnerability Remediation (High)

🤖 Generated by DataDog Automated Dependency Management System