Upgrade CXF to latest version to get rid of CVE-2022-46364 and

[post-svejk]

CVE-2022-46363

Also upgrade WSS4J to 2.4.1 which is supposed to work with CXF >= 3.4.*.

Pull Request Description

Fixes the above two vulnerabilities being reported against Oxalis-AS4 5.4.0 by snyk and Trivy. I have barely tested a snapshot of it with Oxalis 5.4.0 in a test environment at Digipost (both inbound and outbound processes), but haven't found any isses so far.

Not 100% sure yet if the upgrade breaks anything else.

Type of Pull Request

• [ ] New feature/Enhancement - non-breaking change which adds functionality
• [X] Bug fix
• [ ] Breaking change (Require Major version change?)

Type of Change

• [ ] OpenPeppol AS4 specification
• [X] Oxalis software change or enhancement
• [ ] CEF change

Pull Request Checklist:

• [X] My code follows the style guidelines of this project
• [NA] I have commented my code, particularly in hard-to-understand areas. But did not added unnecessary annotation/comment say @author name etc
• [X] I have checked my code for variable and method name and corrected grammar/spelling mistakes if any
• [NA] I have made corresponding changes to the documentation where needed
• [X] My changes generate no new/additional warnings
• [?] My change is not breaking or creating conflict with associated dependencies
• [X] I have performed a self-review of my own code
• [X] I ran mvn clean install before commit and all tests run successfully
• [X] I conducted basic QA to assure all features are working fine
• [X] My pull request generate no conflicts with master branch
• [X] I requested code review from other team members

[post-svejk]

@aaron-kumar : Can you have a look at this?