Updated CVE Fixes (#997)

## Description
- CVE-2025-55163 Netty https://nvd.nist.gov/vuln/detail/CVE-2025-55163
- CVE-2025-8916 Bouncy Castle
https://nvd.nist.gov/vuln/detail/CVE-2025-8916
- CVE-2025-53864 Gson https://nvd.nist.gov/vuln/detail/CVE-2025-53864

## Testing
Checked using the org.owasp:dependency-check-maven

## Additional Notes to the Reviewer
<!-- Share any additional context or insights that may help the reviewer
understand the changes better. This could include challenges faced,
limitations, or compromises made during the development process.
Also, mention any areas of the code that you would like the reviewer to
focus on specifically. -->

`NO_CHANGELOG=true`

Author: jprakash-db

pom.xml

@@ -51,6 +51,7 @@
     <google.guava.version>33.0.0-jre</google.guava.version>
     <junit.jupiter.version>5.9.2</junit.jupiter.version>
     <google.findbugs.annotations.version>3.0.1</google.findbugs.annotations.version>
+    <gson.version>2.13.2</gson.version>
     <immutables.value.version>2.9.2</immutables.value.version>
     <httpclient.version>4.5.14</httpclient.version>
     <commons-configuration.version>2.10.1</commons-configuration.version>
@@ -65,9 +66,9 @@
     <slt.token>dummy-token</slt.token>
     <wiremock.version>3.5.4</wiremock.version>
     <nimbusjose.version>10.0.2</nimbusjose.version>
-    <bouncycastle.version>1.78.1</bouncycastle.version>
+    <bouncycastle.version>1.79</bouncycastle.version>
     <async-httpclient.version>5.3.1</async-httpclient.version>
-    <netty.version>4.2.0.Final</netty.version>
+    <netty.version>4.2.6.Final</netty.version>
     <grpc.version>1.71.0</grpc.version>
     <resilience4j.version>1.7.0</resilience4j.version>
   </properties>
@@ -79,6 +80,12 @@
         <artifactId>commons-lang3</artifactId>
         <version>${commons-lang3.version}</version>
       </dependency>
+      <!-- Force safe version of Gson to fix CVE-2025-53864 -->
+      <dependency>
+        <groupId>com.google.code.gson</groupId>
+        <artifactId>gson</artifactId>
+        <version>${gson.version}</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
   <dependencies>

thin_public_pom.xml

@@ -136,15 +136,15 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78.1</version>
+      <version>1.79</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.78.1</version>
+      <version>1.79</version>
     </dependency>
 
-    <!-- Jackson JSON processing -->
+    <!-- JSON processing -->
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
@@ -160,7 +160,12 @@
       <artifactId>jackson-core</artifactId>
       <version>2.18.3</version>
     </dependency>
-    
+    <dependency>
+      <groupId>com.google.code.gson</groupId>
+      <artifactId>gson</artifactId>
+      <version>2.13.2</version>
+    </dependency>
+
     <!-- Compression -->
     <dependency>
       <groupId>org.lz4</groupId>
@@ -179,12 +184,12 @@
     <dependency>
       <groupId>io.netty</groupId>
       <artifactId>netty-common</artifactId>
-      <version>4.2.0.Final</version>
+      <version>4.2.6.Final</version>
     </dependency>
     <dependency>
       <groupId>io.netty</groupId>
       <artifactId>netty-buffer</artifactId>
-      <version>4.2.0.Final</version>
+      <version>4.2.6.Final</version>
     </dependency>
 
     <!-- Jakarta Annotations -->