[Snyk] Upgrade org.apache.cxf:cxf-rt-transports-http from 3.2.0 to 3.6.4

[yingbull]

Snyk has created this PR to upgrade org.apache.cxf:cxf-rt-transports-http from 3.2.0 to 3.6.4.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 54 versions ahead of your current version.

• The recommended version was released on 3 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Cross-site Scripting (XSS) SNYK-JAVA-ORGAPACHECXF-1039798	565	No Known Exploit
	Information Exposure SNYK-JAVA-ORGAPACHECXF-3168313	565	No Known Exploit
	Man-in-the-Middle (MitM) SNYK-JAVA-ORGAPACHECXF-31691	565	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JAVA-ORGAPACHECXF-542666	565	No Known Exploit

---

[!IMPORTANT]

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
maven/org.apache.cxf/cxf-rt-transports-http@3.6.4	eval, filesystem, network, unsafe Transitive: environment, shell	+8	19.9 MB

🚮 Removed packages: maven/org.apache.cxf/cxf-rt-transports-http@3.2.0

View full report↗︎