jQuery in Salesforce causing vulnerability issues

jQuery in Salesforce causing vulnerability issues

Hi, We are using jQuery within Salesforce to develop the typeahead feature. However our app did not pass the Salesforce security review and they have asked us to fix the issue. I am not very sure, how to fix the issue and how to test this so that it does not happen in the future. Please find the issues listed below. I don't have any familiarity with jQuery and I am wondering if by using a later version will solve our issue. Any suggestions will be really helpful. Thanks
*******************************

Issue Description
When new vulnerabilities are discovered in software, it is important to apply patches and update to a version of the software for which the vulnerability is fixed.
Attackers can create attacks for disclosed vulnerabilities very quickly, so security patches should be deployed as soon as they are available.

CWE: 937
Finding 1 of 1
File
/Typeahead/jquery-1.10.2.min.js
Notes
jquery 1.10.2.min has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute; https://github
org/jquery/test/

File
/JQueryUI/jquery-ui/jquery-ui.js
Notes
jquery-ui-dialog 1.12.0-rc.2 has known vulnerabilities: severity: high; bug: 281, summary: XSS Vulnerability on closeText option; https
jquery-ui-autocomplete 1.12.0-rc.2
jquery-ui-tooltip 1.12.0-rc.2

File
/JQueryUI/jquery-ui/external/jquery/jquery.js
Notes
jquery 1.11.3 has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute; https://github.com
org/jquery/test/