Component changes and addressed vulnerabilities

Teamwork Cloud/Magic Collaboration Studio

Library	Old version	New version	CVEs addressed
jetty	9.4.57.v20241219	9.4.58.v20250814
log4j-api		2.25.3
log4j-core		2.25.3
logback-classic	1.5.18	1.5.23
commons-lang3	3.17.0	3.20.0	CVE-2025-48924
apache-curator	5.8.0	5.9.0
zookeeper	3.9.3	3.9.4
netty	4.1.119.Final	4.1.130.Final
elasticsearch-client	7.17.28	7.17.29

Magic Model Analyst / Cameo Simulation Toolkit

Library	Old version	New version
jfreechart	1.5.5	1.5.6
commons-beanutils	1.9.4	1.11.0

DataHub

Library	Old version	New version	CVEs addressed
commons-lang3	3.17.0	3.18.0	CVE-2025-48924

WebApps

Library	Old version	New version
Spring Framework	6.2.5	6.2.15
Spring Framework Security	6.3.8	6.3.10
Jackson Databind	2.18.3	2.18.5
Jackson Dataformat XML	2.18.3	2.18.5
Jakarta Activation API	2.1.3	2.1.4
Apache Log4J2	2.24.3	2.25.3

Magic Software Architect / MagicDraw

Library	Old version	New version	CVEs addressed
commons-lang3	3.17.0	3.18.0	CVE-2025-48924
bcprov-jdk18on	1.78	1.81
log4j-*.jar	2.23.1	2.25.3	CVE-2025-68161
apache groovy	4.0.21	4.0.29
apache poi	5.3.0	5.5.1
apache xmlbeans	5.2.1	5.3.0
poi-scratchpad	5.2.2	5.5.1
commons-beanutils	1.9.4	1.11.0