VULN UPGRADE: minor upgrades — 5 packages (minor: 2 · patch: 3) [tools/misbehaving-jmx-server]

[campaigner-prod]

Summary: Security update — 5 packages upgraded (MINOR changes included)

Manifests changed:

• tools/misbehaving-jmx-server (maven)

Updates

Package	From	To	Type	Vulnerabilities Fixed
org.apache.commons:commons-lang3	3.12.0	3.20.0	minor	2 MODERATE
io.javalin:javalin	5.5.0	5.6.5	minor	-
com.fasterxml.jackson.core:jackson-databind	2.18.1	2.18.5	patch	-
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml	2.18.1	2.18.5	patch	-
org.slf4j:slf4j-simple	2.0.7	2.0.17	patch	-

Packages marked with "-" are updated due to dependency constraints.

---

Security Details

ℹ️ Other Vulnerabilities (2)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
org.apache.commons:commons-lang3	GHSA-j288-q9x7-2f5v	MODERATE	Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs	3.12.0	3.18.0
org.apache.commons:commons-lang3	CVE-2025-48924	MODERATE	-	3.12.0	-

⚠️ Dependencies that have Reached EOL (3)

Dependency	Unsafe Version	EOL Date	New Version	Path
com.fasterxml.jackson.core:jackson-databind	2.18.1	-	2.18.5	tools/misbehaving-jmx-server/pom.xml
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml	2.18.1	-	2.18.5	tools/misbehaving-jmx-server/pom.xml
org.apache.commons:commons-lang3	3.12.0	-	3.20.0	tools/misbehaving-jmx-server/pom.xml

---

Review Checklist

Standard review:

• Review changes for compatibility with your code
• Check for breaking changes in release notes
• Run tests locally or wait for CI

---

Update Mode: Vulnerability Remediation

🤖 Generated by DataDog Automated Dependency Management System