Bump golang and other package versions to fix CVEs

[devanshuVmware]

What this PR does / why we need it:

FIx CVES: golang.org/x/net: CVE-2025-22870, CVE-2025-22872 k8s.io/kubernetes: CVE-2024-9042, CVE-2025-0426 stdlib: CVE-2024-45336, CVE-2024-45341, CVE-2025-22866, CVE-2025-22871

Which issue(s) this PR fixes:

Fixes #

Does this PR introduce a user-facing change?

Additional Notes for your reviewer:

Review Checklist:

• [ ] Follows the developer guidelines
• [ ] Relevant tests are added or updated
• [ ] Relevant docs in this repo added or updated
• [ ] Relevant carvel.dev docs added or updated in a separate PR and there's a link to that PR
• [ ] Code is at least as readable and maintainable as it was before this change

Additional documentation e.g., Proposal, usage docs, etc.: