Fix CVE's

pom.xml

@@ -18,16 +18,40 @@
         <java.version>17</java.version>
         <ipf.version>4.8.0</ipf.version>
         <mockserver.version>5.15.0</mockserver.version>
+        <!-- resolve vulnerabilities -->
+        <cxf.version>3.6.3</cxf.version>
+        <spring-framework.version>5.3.33</spring-framework.version>
+        <json-path.version>2.9.0</json-path.version>
     </properties>
     <dependencyManagement>
         <dependencies>
+            <dependency>
+                <groupId>org.apache.cxf</groupId>
+                <artifactId>cxf-bom</artifactId>
+                <version>${cxf.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-framework-bom</artifactId>
+                <version>${spring-framework.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
             <dependency>
                 <groupId>org.openehealth.ipf</groupId>
                 <artifactId>ipf-dependencies</artifactId>
                 <type>pom</type>
                 <scope>import</scope>
                 <version>${ipf.version}</version>
             </dependency>
+            <dependency>
+                <groupId>com.jayway.jsonpath</groupId>
+                <artifactId>json-path</artifactId>
+                <version>${json-path.version}</version>
+            </dependency>
+
         </dependencies>
     </dependencyManagement>
     <dependencies>